On March 1st, Tuesday, one of the world’s largest automakers, Toyota Motor, woke up to the horrible reality of cybercrime. One of its major suppliers, Kojima Industries, was hit by a ransomware attack, and Toyota was forced to halt its operations across Japan.
The company suspended 28 lines at 14 plants in Japan on Tuesday to assess attack severity and prevent threat propagation. Affiliates, Hino Motors and Daihatsu Motor also halted operations over security concerns.
The one-day closure of its pivotal plants that account for about a third of its global production is believed to have impacted the output of around 13000 cars, causing significant revenue loss.
With the automaker already battling supply chain disruptions caused by the pandemic, the cyberattack comes as a double whammy, further derailing production, impacting revenue, and hurting the brand reputation.
Although Toyota resumed production on Wednesday after a one-day shutdown, the cyberattack, nevertheless, exemplified how even large organizations are falling prey to supply chain attacks and how the supply chain has become the weakest link in security.
Preventing Supply Chain Attacks from the Ground-Up
Today’s supply chains are highly evolved. They are no longer just about transferring physical goods and services. They are complex and include the software supply chain or the flow of confidential information. This makes every company an inevitable part of the global supply chain at one point or another and therefore susceptible to supply chain attacks.
Given the risk and attack implications, it is no longer enough to just secure the corporate network with perimeter security and intrusion detection systems. It is crucial to continuously monitor the information flow in the supply chain and protect data to evade cyberattacks.
To start with, organizations need to take a two-pronged approach to securing the corporate network and the supply chain. It entails:
- Establishing strong access controls such as multi-factor authentication (MFA)
- Encrypting all network communications
This is where Identity and Access Management (IAM) plays a vital role. IAM puts identity at the center of security and therefore enables organizations to provide the right access to the right resources. Multi-factor authentication, considered the new security basic, is an integral part of IAM that allows organizations to provide secure access to the network by performing extensive security checks.
By treating identity as the new perimeter and implementing a robust IAM strategy, organizations will not only be able to secure the physical supply chain but also protect the data supply chain.
Stepping Up Supply Chain Security with Machine Identity Management
With hyperconnected reality becoming incredibly ubiquitous, public key infrastructure (PKI) stands as the first and most important layer of defense against such attacks. PKI provides a framework to establish identities for every machine on the network and gain complete visibility of IT assets. Having visibility into where the assets are and knowing the information they share makes it easy to control access and secure their communications. It also helps in identifying and remediating security issues quickly.
Machine identities also referred to as digital certificates and keys, provide organizations with the means to authenticate machines for secure access and encrypt their communications for secure data transmission. They enable security teams to continuously monitor every machine on the network regardless of where it is located and create a safe environment for communication. They help organizations decentralize security and give every machine the power to protect itself in perimeter-less environments.
Automation Is Key to Managing Machine Identities Well
Managing machine identities well is critical for authentication and encryption to work appropriately. Poor management of machine identities can interfere with these mechanisms and make machine-to-machine communications vulnerable to attacks.
Most organizations today manage digital certificates and keys with manual processes such as spreadsheets and home-grown systems. Given the massive volume of machine identities in today’s IT environments, managing them manually can get quite overwhelming.
Manual processes also present a litany of challenges such as lack of visibility, delayed certificate renewals, certificate misconfigurations, overlooked certificate expiry, scattered management, and non-compliance. These challenges often lead to application outages and unaddressed vulnerabilities that, in turn, weaken the overall security posture.
The answer to these certificate lifecycle management (CLM) issues lies in automation. An automated CLM solution provides a holistic framework to manage and protect machine identities efficiently. It simplifies and streamlines every aspect of certificate lifecycle management, right from discovering certificates to renewing and revoking them – by eliminating the need for human effort. It provides organizations the ability to manage machine identities from a single central console, thereby helping proactively monitor network communications and preempt potential security issues.
Proactive Monitoring is No Longer a Choice
The Toyota attack is yet another high-profile casualty that shows that cybercriminals are getting increasingly successful in executing supply chain attacks. No organization is immune to such risks. So, it’s time for organizations of all sizes to stop relying on legacy digital identity management approaches and adopt an advanced, agile, and multi-layered security model well suited for changing times.