A Digital Typhoon | Weeks of 13 - 27 Oct '24
Risk concerns this week: Chinese hacker infiltration months in the making. Multiple supply chain crises.
Hello 👋 get a brew on because these are the top 3 emerging risks between October 13th and October 27th, 2024…
Technological | Our main coverage this week concerns a China-based hacker group dubbed Salt Typhoon, which has reportedly sat inside U.S. internet service providers (ISPs) for months. The group has been quietly collecting confidential and sensitive information from government, local emergency services, and communication channels, and only recently have efforts been made to remove it.
The attack highlights the vulnerability of critical infrastructure to sophisticated cyberattacks, even those seemingly focused on intelligence collection. We dive into this further below.
Economic | The recent ILA port strikes on the East Coast and Gulf Coast had a significant impact on the U.S. supply chain. While a temporary agreement was reached on October 4th, 2024, delaying the strike until January 2025, this only provides short-term relief and highlights that we may be seeing a smouldering crisis emerge.
If your business relies on timely deliveries from these ports or on supply chains associated with the U.S., this may have a ripple effect we won't notice until a few months into 2025. The most likely impact of a prolonged strike is further supply chain congestion, delays, cargo damage, and business interruptions. Preventative actions for businesses include reviewing contracts for strike and delay clauses and assessing insurance coverage for potential disruptions.
The major concern surrounds port automation, a key issue yet to be resolved. While a wage increase agreement was reached, this sticking point has the potential to reignite the strike in January 2025. The ILA strongly opposes automation due to concerns about job displacement, and its president, Harold Daggett, aims to establish an international union to fight automation globally. This raises the risk of further strikes and disruptions, jeopardizing billions of dollars in trade daily and impacting GDP. The impact of this situation is compounded by the fact that U.S. ports already lag behind other countries in terms of efficiency.
Economic | The impacts on global maritime shipping and supply chains continue to develop 6 months in as tensions remain. Ships have been rerouted around the Cape of Good Hope, increasing transit times and costs and causing port congestion. The diversion has led to a 66% drop in traffic through the Suez Canal and a 15-20% reduction in available shipping capacity by mid-2024.
Key challenges include increased operational costs, capacity shortages, and supply chain uncertainty. Experts highlight the strain on shipping systems and growing concerns over inventories. The disruptions underscore the need for businesses to strengthen supply chain resilience through diversification, partnerships, and data-driven decision-making. The future remains uncertain, but the Red Sea tensions have revealed further vulnerabilities in global trade.
Our thoughts
Nelson, a small coastal region in New Zealand, went through a devastating fire in 2019 that affected a large portion of New Zealand’s entire timber industry. Grant Pearce, a fire scientist from the Scion Rural Fire Research Group, pointed out that the extreme fire danger and devastating effects on forest plantations could have lingering economic consequences that may not be felt for 10 to 15 years, especially since the lifecycle of timber spans multiple decades. This makes it difficult to assess the full financial impact immediately after such events.
In the US, a similar long-tail crisis is emerging in the supply chain industry as a result of lingering tensions between port workers and the ILA, the Red Sea conflicts, and potential new tariffs on foreign imports. It's a reminder to consider how something emerging now could impact you later. Having processes in place to monitor how that risk evolves alongside your business is critical.
Finally, Salt Typhoon's breach of major ISPs highlights the vulnerability of cyber operations at the highest level, while continuing to confirm the advancement of cyber warfare. Could we see the evolution of AI enhance this to an unimaginable level? Probably. But cyber threats are still cyber threats. Humans will exploit the vulnerabilities other humans leave behind. If you’re concerned about the growing risk of cyber, consider how building better awareness and cyber competency could be an affordable, effective tactic.
“Historically significant and worrisome” - US Govt
Category: Technological
In summary: Imagine an invisible CCTV being installed in your home, silently observing your every move, taking notes on your conversations, and stealing valuable items. That's the Salt Typhoon cyberattack in a nutshell. One of many sophisticated hacking groups, likely affiliated with the Chinese government, stealthily infiltrated the networks of major U.S. internet service providers like Verizon, AT&T, and Lumen. They remained undetected for months, potentially even longer, siphoning off internet traffic and lurking in systems used by the U.S. government to request court-authorized wiretaps. This means they could see what the U.S. government was investigating, including sensitive counter-intelligence operations targeting Chinese spies.
The hackers may have gained access by exploiting vulnerabilities in Cisco routers, core components that direct internet traffic. Their motive, based on their actions, appears to be intelligence collection rather than immediate disruption. However, the potential damage is immense. By understanding U.S. surveillance activities, they could protect their own espionage efforts and even prepare for future conflicts. The attack highlights China's growing cyber capabilities, which have evolved from noisy data theft to sophisticated and stealthy intrusions into critical infrastructure. This "digital spy" embedded in America's digital life poses a significant national security threat.
We will report on additional cyber threats from China-based hackers in a new deep dive soon, but what is abundantly clear is that private businesses are now seen as effective gateways to national-level data sources, moving the risk from the government to the private sector.
Sources:
U.S. Wiretap Systems Targeted in China-Linked Hack | The Wall Street Journal
The Chinese Hackers Spying on U.S. Internet Traffic | The Journal Podcast (by WSJ)
Salt Typhoon Hack Shows There's No Security Backdoor That's Only For The "Good Guys" | EFF
You should be concerned if…
You use any of Verizon Communications, AT&T, or Lumen Technologies. While our sources primarily focus on these three major U.S. providers, they also mention that the attack might have impacted a small number of service providers outside the U.S.
All organizations, particularly those in the telecommunications and technology sectors, should be concerned about Salt Typhoon.
The attack highlights the vulnerability of critical infrastructure to sophisticated cyberattacks, even those seemingly focused on intelligence collection.
If your organisation collects and manages vast libraries of personal data, you are potentially a focus area for these groups. It is reported by U.S. intelligence services that upwards of 600,000 hackers are employed to infiltrate organisations globally.
These items are generic assumptions. We recommend considering your own unique threat landscape against your critical dependencies. If you don’t know what they are, get in touch.
Disruption Risks
IT Communications Failure
Inability to communicate internally or externally, leading to delays.
Interrupted services and potential loss of clients due to communication breakdowns.
Perception of unreliability by clients or partners.
Security / Access Malfunction
Potential for unauthorised access or inability to secure sensitive areas.
Costs to repair or upgrade faulty security systems.
Theft, Fraud, or Malice
Direct theft of money, assets, or intellectual property.
Loss of trust from customers and partners if fraud occurs.
Loss of critical assets may halt or delay business functions.
Cyber Attack / Denial of Service Attack (DoS)
Loss of access to critical systems, resulting in downtime and operational delays.
Costs associated with restoring systems, paying ransom, or addressing lost revenue.
Loss of customer trust due to data breaches or service disruption.
Preventative actions
Strengthen Network Security: Implement strong security measures, including multi-factor authentication, intrusion detection systems, and regular security audits.
Employee Training: Educate employees about cybersecurity best practices, including phishing awareness and password hygiene.
Collaboration and Information Sharing: Share threat intelligence and collaborate with industry peers and government agencies to stay informed about emerging threats.
Incident Response Planning: Develop and test incident response plans to ensure a swift and effective response to any cyber incident.
Regular Patching: Keep all software and systems up to date with the latest security patches.
Network Segmentation: Divide your network into smaller, isolated segments to limit the spread of an attack.
Monitoring and Detection: Implement continuous monitoring and threat detection tools to identify suspicious activity.
Regular Backups: Ensure regular backups of critical data to aid in recovery from a cyberattack.
Engage Cybersecurity Experts: Consider engaging cybersecurity experts to assess your organization's security posture and recommend improvements.
Need support?
At Fixinc, we are passionate about helping people get through disasters. That’s why our team of Advisors brings you this resource free of charge. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unreasonable Ventures to support this channel.