Blockchain and Supply Chain Cybersecurity Threats You Should Be Aware Of

According to a recent ENISA report, strong internal security is no longer enough for organisations, as attackers have already shifted their attention to suppliers.

With many recent cyberattacks on supply chains across Europe, organisations have begun to consider alternative enhancements to their existing security measures. One of these solutions is blockchain-based cybersecurity technology.

IBM defines blockchain cybersecurity as a “comprehensive risk management system for a blockchain network, using cybersecurity frameworks, assurance services and best practices to reduce risks against attacks and fraud.”

Although many solutions using blockchain have been announced, organisations have not rushed to adopt blockchain technology. I believe blockchain can complement efforts to provide an additional layer of security, but it’s important to be wary of the risks associated with cyber cyber supply chain blockchain technology.

Areas of Highest Risk for Supply Chains

Supply chains face a number of vulnerabilities — including economic instability, extreme weather events, supplier inconsistency and more. One of the top risks to supply chains are cyberattacks. The NotPetya attack in 2016 paralysed European and American supply chains and cost them nearly $10 billion worth of damage.

There is a reason why supply chains are especially vulnerable to attacks. The organisations making up supply chains aren’t technology companies. In fact, many supply chains still use aging and legacy infrastructure and rely on insufficient third-party software, which opens the door to risk.

Blockchain as a Solution

The data structures of blockchain technology are based on consensus, cryptography, and decentralisation principles, which can enhance security.

But despite blockchain technology strongly improving since its inception, it still has several weaknesses in both security and structure that have prevented widespread adoption from organisations across the globe.

Risks Associated with Blockchain

Some of these shortcomings can make organisations more susceptible to attack. Security risks include:

Structural Issues Associated with Blockchain

Along with the security risks facing blockchain, several structural issues exist as well. Some of the structural issues preventing widespread blockchain adoption include:

This is not to say blockchain cannot be used as a valid solution. However, organisations should not rely solely on blockchain technology to keep their supply chains safe.

How to Keep Supply Chains Safe

On 15 September 2022, the European Union announced it would be advancing legislation to strengthen security requirements for all digital hardware and software products.

Even with this new framework, ENISA continues to highlight its recommendations for customers and suppliers to minimise the risk of a supply chain attack, whether they use blockchain solutions or not.

Recommendations for customers include:

As for suppliers, ENISA recommends:

A-LIGN Can Help Mitigate Risk

No one security posture can keep you safe. Organisations should not rely on security processes or frameworks alone. For maximum protection, you must put your security controls to the test.

Penetration testing is designed to assess the cybersecurity of your organisational technologies and systems. A-LIGN’s OSEE, OSCE, and OSCP Certified Penetration Testers employ automated and manual techniques to find weaknesses in servers, end-user workstations, wireless networks and web-based applications. They also assess security awareness, and the human-layer and physical facility controls to provide a complete picture of an organisation’s level of protection.

If you would like to test your organisation’s systems, contact A-LIGN today.