While the Internet of Things (IoT) opens up a wide range of opportunities for the supply chain, it is also vulnerable to cyberattacks. Using a threat model can help companies assess how secure their system is.
Internet of Things (IoT) solutions are becoming increasingly common for both consumers and businesses. While consumers explore Internet-connected refrigerators and webcams, in the business world IoT solutions include:
Asset tracking: IoT tools that help companies identify the location of key assets such as trucks or IT equipment;
Smart buildings: IoT tools that use distributed sensors to improve environmental quality and lower the costs of heating, ventilation, and air conditioning (HVAC) systems;
Supply chain monitoring: IoT tools that help managers predict and avoid delays and damages of in-transit goods;
Equipment monitoring: IoT tools that monitor capital equipment to enable preventative maintenance.
While these IoT solutions offer real benefits, they also introduce new security risks, like the risk of data being intercepted or compromised. Companies need to recognize these potential threats and make informed security decisions regarding an IoT solution for their organization. To accomplish this, it's helpful to think in terms of a "threat model." In security parlance, a threat model summarizes: 1) potential attack objectives, 2) the ways in which a system might be compromised, and 3) security countermeasures. Supply chain leaders need to take each of these considerations into account as they build an accurate threat model for their particular IoT solution and environment, since different IoT solutions and environments have different threat models.
Attack Objectives
As you begin to develop a threat model for your IoT application, start by identifying plausible attack objectives. An attacker may have many objectives, but the following are some of the most common worth considering:
Physical harm: If your IoT system controls the physical activity of a piece of equipment (for example, an industrial automation system), an attack could take control of that activity and do damage to your equipment or the facility.
Data corruption: An attacker could send false data (or block data from being sent), causing you to make the wrong decision but without harming any equipment directly.
Data destruction: Removing data either directly from the device or from the data-recording or storage system could help an attacker cover up some other malicious activity.
Espionage: An attacker could tap into the monitoring capabilities of your IoT system to "snoop" on sensitive data, without tampering with it.
Once you have identified the objective for a potential attack, it is helpful to prioritize which ones you should focus on preventing. For each potential attack scenario, it is useful to ask yourself, "What are the consequences?" to determine the severity of the attack and prioritize concerns. For example, the threat of losing IoT data for one hour due to a bad actor jamming a communications signal is probably less serious than the risk of damage to a facility. Next, consider what reasons an attacker might have to pursue the potential attack goals you've outlined. A scenario with a clear benefit to the attacker is often a bigger concern than one without any clear motivation to act on it. Prioritize threats with a known or conceivable motivation.
Potential Weaknesses
Once you've considered what could happen, next ask, "How likely is it to occur?" Consider potential attack pathways and the security weaknesses that might enable them. IoT vulnerabilities might include configuration errors (for example, neglecting to change a default password) or misuse of access privileges (for example, if a user copies and exports data).
Another key consideration is the potential avenue of attack presented by your IoT device's communications network protocol. This will vary widely based on the network you use:
Wired: Wired solutions use a physical connection, such as Ethernet or DSL, to transmit data. These solutions tend to avoid many of the security risks of Wi-Fi and Bluetooth solutions, but they are severely limited in scalability and mobility. As this article explains, wired solutions are generally not a great fit for many common IoT applications because they require so much infrastructure.1 It is often preferable to rely on a wireless technology for a modern IoT implementation.
Bluetooth: Bluetooth supports a number of security mechanisms for different versions of the protocol.2 While the simplest security setting offers little protection from nearby eavesdroppers, other settings offer authentication and encryption mechanisms that improve security. That said, these security mechanisms often come at the cost of ease of deployment and maintenance.
Wi-Fi: Security for Wi-Fi-connected IoT devices is best summarized by the article "Wi-Fi access for the Internet of Things can be complicated."3 While the original Wi-Fi protocol is not well-suited for mobile IoT devices, there are mechanisms being introduced that should improve security. However, as with most wireless protocols, security improvements often have negative repercussions on operational costs, ease of setup, and compatibility with other existing systems.
Cellular: IoT devices that use cellular communication come with a fair amount of built-in security, as outlined in this paper from the cellular standards group GSMA.4 Security researchers have demonstrated ways of intercepting a cell signal with specialized equipment, but these attacks generally require the attacker to be in close proximity to the targeted device. As such, security risks with cellular-based IoT solutions are generally fairly limited.
In addition to the potential attack pathway, there are a number of other factors that you need to take into account in order to determine whether or not your IoT solution is secure. Consider, for example, whether an attacker needs physical access to the IoT device, and if so, how secure those devices are. A device on the outside of a building in a remote area may be more of a risk than a device inside a locked container, for example. Also consider the device itself—what skill set, tools, and time are required to tamper with it, and would the ends justify the means? Finally, consider whether attackers might achieve their objectives by abusing access granted to an authorized individual. What capabilities would the attacker have in this scenario? What safeguards should be established to counter this risk?
Evaluating the ways in which different IoT systems can be compromised will help you to build an accurate threat model of your particular environment. In turn, this careful consideration and evaluation will help you to determine the appropriate IoT solution for a given application.
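The prioritization described above (consequence of the objective, attacker motivation, and the access and skill questions that drive likelihood) can be captured in a small scoring model. The following is an added example, not part of the original article: the scenarios, the 1-4 severity scale, the skill factors and the access multipliers are all constructed assumptions for a hypothetical asset-tracking and equipment-monitoring deployment, and a real threat model would calibrate them to its own environment.

```python
from dataclasses import dataclass, field

# Consequence severity per attack objective, on an assumed 1-4 scale
# (4 = damage to people, equipment or the facility).
SEVERITY = {
    "physical_harm": 4,
    "data_corruption": 3,
    "data_destruction": 2,
    "espionage": 2,
}

# Multiplier for the skill, tools and time an attacker needs (assumed scale:
# 1 = trivial, such as an unchanged default password; 3 = specialist equipment and time).
SKILL_FACTOR = {1: 1.0, 2: 0.6, 3: 0.3}


@dataclass
class Scenario:
    name: str
    objective: str                 # key into SEVERITY
    motivation: int                # 0 = no plausible motive, 1 = conceivable, 2 = clear benefit
    needs_physical_access: bool    # must the attacker reach or approach the device?
    device_exposed: bool           # e.g. mounted outside a building in a remote area
    skill_required: int            # key into SKILL_FACTOR
    countermeasures: list[str] = field(default_factory=list)


def likelihood(s: Scenario) -> float:
    """Rough 0-1 estimate from the access and skill questions in the article."""
    score = 1.0
    if s.needs_physical_access:
        # An exposed device is easier to reach than one in a locked container.
        score *= 0.7 if s.device_exposed else 0.3
    return score * SKILL_FACTOR[s.skill_required]


def priority(s: Scenario) -> float:
    """Consequence x motivation x likelihood; a scenario with no motive scores zero."""
    return SEVERITY[s.objective] * s.motivation * likelihood(s)


def rank(scenarios):
    """Highest-priority scenarios first (Python's sort is stable, so ties keep input order)."""
    return sorted(scenarios, key=priority, reverse=True)


def uncovered(scenarios, threshold=2.0):
    """Names of scenarios at or above the threshold with no countermeasure recorded."""
    return [s.name for s in scenarios
            if priority(s) >= threshold and not s.countermeasures]


# Constructed scenarios (hypothetical deployment; names and values are illustrative).
SCENARIOS = [
    Scenario("Take over conveyor controller via default password", "physical_harm",
             motivation=1, needs_physical_access=False, device_exposed=False,
             skill_required=1, countermeasures=["unique credentials", "network segmentation"]),
    Scenario("Authorized analyst exports full truck location history", "espionage",
             motivation=2, needs_physical_access=False, device_exposed=False,
             skill_required=1),
    Scenario("Eavesdrop on unencrypted Bluetooth temperature beacon", "espionage",
             motivation=2, needs_physical_access=True, device_exposed=True,
             skill_required=2, countermeasures=["authenticated, encrypted pairing"]),
    Scenario("Jam gateway radio to blank an hour of telemetry", "data_corruption",
             motivation=1, needs_physical_access=True, device_exposed=True,
             skill_required=2),
    Scenario("Erase gateway logs to hide earlier tampering", "data_destruction",
             motivation=1, needs_physical_access=True, device_exposed=False,
             skill_required=3),
]

if __name__ == "__main__":
    for s in rank(SCENARIOS):
        print(f"{priority(s):5.2f}  {s.name}")
    print("needs a countermeasure:", uncovered(SCENARIOS))
```

The point of the model is not the exact numbers but the ordering it forces you to defend: the insider export scenario ranks level with the equipment takeover because it needs no physical access and no skill, and it is the one scenario above the threshold with nothing recorded against it, which is exactly the kind of gap the article's "abusing access granted to an authorized individual" question is meant to surface.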
What countermeasures can you employ?
After identifying the potential attack scenarios, consider the countermeasures that are built in to protect the IoT solution. One level is physical countermeasures—things that prevent or mitigate direct access to the device. Is the device easily accessible? Does the device have Ethernet or USB ports that can be used to access the firmware? Is the firmware secured? Consider options for "hardening" the IoT device itself.
Second, consider the communications network (as discussed above). Weigh the tradeoffs of cost, ease, and security to make sure the method you've chosen meets your needs. Make sure that you are employing the safeguards available with your chosen technology.
IoT systems can also employ active countermeasures, such as scanning for unauthorized or unusual access and alerting administrators or security staff, similar to other enterprise systems. Finally, user accounts can be restricted to limit misuse, and the system as a whole can be built to maintain security even if a specific sensor has been compromised.
Making the final call
IoT is creating amazing opportunities for organizations to process data and automate environmental interactions in new ways. But as with all advances, IoT comes with risks. By applying a threat model framework and analyzing the possible attack objectives, security weaknesses, and possible countermeasures, organizations can apply a familiar security framework to this new technology. Organizations that are clear-eyed about evaluating these risks will find and deploy IoT solutions to derive enormous value while maintaining appropriate security.
3. For greater detail on these complications, see Peter Thornycroft, "Wi-Fi Access for the Internet of Things Can Be Complicated," Network World (March 21, 2016), https://www.networkworld.com/article/3046132/internet-of-things/wi-fi-access-for-the-internet-of-things-can-be-complicated.html
Container imports at U.S. ports are seeing another busy month as retailers and manufacturers hustle to get their orders into the country ahead of a potential labor strike that could stop operations at East Coast and Gulf Coast ports as soon as October 1.
Less than two weeks from now, the existing contract between the International Longshoremen’s Association (ILA) and the United States Maritime Alliance covering East and Gulf Coast ports is set to expire. With negotiations hung up on issues like wages and automation, the ILA has threatened to put its 85,000 members on strike if a new contract is not reached by then, prompting business groups like the National Retail Federation (NRF) to call for both sides to reach an agreement.
But until such an agreement is reached, importers are playing it safe and accelerating their plans. “Import levels are being impacted by concerns about the potential East and Gulf Coast port strike,” Hackett Associates Founder Ben Hackett said in a release. “This has caused some cargo owners to bring forward shipments, bumping up June-through-September imports. In addition, some importers are weighing the decision to bring forward some goods, particularly from China, that could be impacted by rising tariffs following the election.”
The stakes are high, since a potential strike would come at a sensitive time when businesses are already facing other global supply chain disruptions, according to FourKites’ Mike DeAngelis, senior director of international solutions. “We're facing a perfect storm — with the Red Sea disruptions preventing normal access to the Suez Canal and the Panama Canal’s still-reduced capacity, an ILA strike would effectively choke off major arteries of global trade,” DeAngelis said in a statement.
Although West Coast and Canadian ports would see a surge in traffic if the strike occurs, they cannot absorb all the volume from the East and Gulf Coast ports. And the influx of freight there could cause weeks, if not months-long backlogs, even after the strikes end, reshaping shipping patterns well into 2025, DeAngelis said.
With an eye on those consequences, importers are also looking at more creative contingency plans, such as turning to air freight, West Coast ports, or intermodal combinations of rail and truck modes, according to less-than-truckload (LTL) carrier Averitt Express.
“While some importers and exporters have already rerouted shipments to West Coast ports or delayed shipping altogether, there are still significant volumes of cargo en route to the East and Gulf Coast ports that cannot be rerouted. Unfortunately, once cargo is on a vessel, it becomes virtually impossible to change its destination, leaving shippers with limited options for those shipments,” Averitt said in a release.
However, one silver lining for coping with a potential strike is that prevailing global supply chain turbulence has already prompted many U.S. companies to stock up for bad weather, said Christian Roeloffs, co-founder and CEO of Container xChange.
"While the threat of strikes looms large, it’s important to note that U.S. inventories are currently strong due to the pulling forward of orders earlier this year to avoid existing disruptions. This stockpile will act as an essential buffer, mitigating the risk of container rates spiking dramatically due to the strikes,” Roeloffs said.
In addition, forecasts for a fairly modest winter peak shopping season could take the edge off the impact of a strike. “With no significant signs of peak season demand strengthening, these strikes might not have as intense an impact as historically seen. However, the overall impact will largely depend on the duration of the strikes, with prolonged disruptions having the potential to intensify the implications for supply chains, leading to more pronounced bottlenecks and greater challenges in container availability,” he said.
A coalition of freight transport and cargo handling organizations is calling on countries to honor their existing resolutions to report the results of national container inspection programs, and for the International Maritime Organization (IMO) to publish those results.
Those two steps would help improve safety in the carriage of goods by sea, according to the Cargo Integrity Group (CIG), which is a partnership of industry associations seeking to raise awareness and greater uptake of the IMO/ILO/UNECE Code of Practice for Packing of Cargo Transport Units (2014), often referred to as the CTU Code.
According to the Cargo Integrity Group, member governments of the IMO adopted resolutions more than 20 years ago agreeing to conduct routine inspections of freight containers and the cargoes packed in them. But less than 5% of 167 national administrations covered by the agreement are regularly submitting the results of their inspections to IMO in publicly available form.
The low numbers of reports means that insufficient data is available for IMO or industry to draw reliable conclusions, fundamentally undermining their efforts to improve the safety and sustainability of shipments by sea, CIG said.
Meanwhile, the dangers posed by poorly packed, mis-handled, or mis-declared containerized shipments have been demonstrated again recently in a series of fires and explosions aboard container ships. Whilst the precise circumstances of those incidents remain under investigation, the Cargo Integrity Group says it is concerned that measures already in place to help identify possible weaknesses are not being fully implemented and that opportunities for improving compliance standards are being missed.
By the numbers, overall retail sales in August were up 0.1% seasonally adjusted month over month and up 2.1% unadjusted year over year. That compared with increases of 1.1% month over month and 2.9% year over year in July.
August’s core retail sales as defined by NRF — based on the Census data but excluding automobile dealers, gasoline stations and restaurants — were up 0.3% seasonally adjusted month over month and up 3.3% unadjusted year over year. Core retail sales were up 3.4% year over year for the first eight months of the year, in line with NRF’s forecast for 2024 retail sales to grow between 2.5% and 3.5% over 2023.
“These numbers show the continued resiliency of the American consumer,” NRF Chief Economist Jack Kleinhenz said in a release. “While sales growth decelerated from last month’s pace, there is little hint of consumer spending unraveling. Households have the underpinnings to spend as recent wage gains have outpaced inflation even though payroll growth saw a slowdown in July and August. Easing inflation is providing added spending capacity to cost-weary shoppers and the interest rate cuts expected to come from the Fed should help create a more positive environment for consumers in the future.”
The U.S., U.K., and Australia will strengthen supply chain resiliency by sharing data and taking joint actions under the terms of a pact signed last week, the three nations said.
The agreement creates a “Supply Chain Resilience Cooperation Group” designed to build resilience in priority supply chains and to enhance the members’ mutual ability to identify and address risks, threats, and disruptions, according to the U.K.’s Department for Business and Trade.
One of the top priorities for the new group is developing an early warning pilot focused on the telecommunications supply chain, which is essential for the three countries’ global, digitized economies, they said. By identifying and monitoring disruption risks to the telecommunications supply chain, this pilot will enhance all three countries’ knowledge of relevant vulnerabilities, criticality, and residual risks. It will also develop procedures for sharing this information and responding cooperatively to disruptions.
According to the U.S. Department of Homeland Security (DHS), the group chose that sector because telecommunications infrastructure is vital to the distribution of public safety information, emergency services, and the day to day lives of many citizens. For example, undersea fiberoptic cables carry over 95% of transoceanic data traffic without which smartphones, financial networks, and communications systems would cease to function reliably.
“The resilience of our critical supply chains is a homeland security and economic security imperative,” Secretary of Homeland Security Alejandro N. Mayorkas said in a release. “Collaboration with international partners allows us to anticipate and mitigate disruptions before they occur. Our new U.S.-U.K.-Australia Supply Chain Resilience Cooperation Group will help ensure that our communities continue to have the essential goods and services they need, when they need them.”
A new survey finds a disconnect in organizations’ approach to maintenance, repair, and operations (MRO), as specialists call for greater focus than executives are providing, according to a report from Verusen, a provider of inventory optimization software.
Nearly three-quarters (71%) of the 250 procurement and operations leaders surveyed think MRO procurement/operations should be treated as a strategic initiative for continuous improvement and a potential innovation source. However, just over half (58%) of respondents note that MRO procurement/operations are treated as strategic organizational initiatives.
That result comes from “Future Strategies for MRO Inventory Optimization,” a survey produced by Atlanta-based Verusen along with WBR Insights and ProcureCon MRO.
Balancing MRO working capital and risk has become increasingly important as large asset-intensive industries such as oil and gas, mining, energy and utilities, resources, and heavy manufacturing seek solutions to optimize their MRO inventories, spend, and risk with deeper intelligence. Roughly half of organizations need to take a risk-based approach, as the survey found that 46% of organizations do not include asset criticality (spare parts deemed the most critical to continuous operations) in their materials planning process.
“Rather than merely seeing the MRO function as a necessary project or cost, businesses now see it as a mission-critical deliverable, and companies are more apt to explore new methods and technologies, including AI, to enhance this capability and drive innovation,” Scott Matthews, CEO of Verusen, said in a release. “This is because improving MRO, while addressing asset criticality, delivers tangible results by removing risk and expense from procurement initiatives.”
Survey respondents expressed specific challenges with product data inconsistencies and inaccuracies from different systems and sources. A lack of standardized data formats and incomplete information hampers efficient inventory management. The problem is further compounded by the complexity of integrating legacy systems with modern data management, leading to fragmented/siloed data. Centralizing inventory management and optimizing procurement without standardized product data is especially challenging.
In fact, only 39% of survey respondents report full data uniformity across all materials, and many respondents do not regularly review asset criticality, which adds to the challenges.