Today’s edition of the Financial Times features a headline article on the growing threat of organized cyber threats on corporate systems. (paid subscription required or free metered view) It outlines how criminal networks have increasingly been stealing information and extorting money not to release that information.
One of the examples cited was a 2008 hacking attack directed at today’s global leader in contract manufacturing, Foxconn, who happens to be Apple’s predominant manufacturing services provider. The same contract manufacturer performs manufacturing for some of the world’s premiere high tech companies including Dell, HP, IBM and others. FT cites sources with direct knowledge as indicating that hackers breached the contract manufacturer’s email system to exploit Foxconn’s then head-to-head rivalry with battery maker BYD. Both companies at the time were intensely competing in the design and manufacturing of alternative energy components. The plan was apparently to blackmail both parties with the threat of releasing the hacked information, but was aborted. Both companies declined FT’s requests to confirm this attack.
The article also cites reports late last year that heavy machinery producer Sany hired hackers to spy on its industry rival Zoomilion. Three Sany executives were arrested as a result of this case.
A supply chain risk mitigation plan needs to umbrella, among other areas, the increased threat of cyber information attacks. As is often the case, the weakest links in global supply chains, namely supplier networks, can sometimes be the target of such attacks. Insure that your supplier audits involving strategic suppliers include some basis of insuring that adequate information security measures are in-place.