Authors: Andrea Little Limbago, PhD, SVP, Applied AI and Mackenzie Clark, Senior Computational Social Scientist
For over a decade, cybersecurity experts have designated each year ‘the year of ransomware’.
Although by some accounts the first ransomware attack dates back to 1989, the steady increase in ransomware attacks – and their financial impact – has been most prominent since 2013 with the CryptoLocker attack and the millions of dollars extorted from victims.
Yesterday’s news of the ransomware attack targeting software company Blue Yonder is just the latest widespread ransomware attack.
It also follows closely on the heels of the Finastra breach, which they were quick to point out was not a ransomware attack but rather a more isolated incident in terms of exposure.
A review of the companies impacted reveals the potential widespread risks despite a more isolated breach.
Blue Yonder Ransomware Attack: Isolated Incident or Sprawling Global Impact?
Supply chain software company Blue Yonder was hit hard by a ransomware attack beginning November 21, 2024, disrupting a private cloud computing service. Interos data shows thousands of direct customers could have been impacted.
Of the direct customers, the hardest hit industries were:
- Supermarkets, department stores and other retailers
- Software and IT Services
- Food Service
- Apparel Retailers
70% of the companies directly supplied by Blue Yonder are located in the United States.
“The ransomware attack on Blue Yonder highlights the heightened seasonality of cyber attacks during the holiday season. Lurking beneath the surface of even isolated attacks like Finastra, there is hidden, expansive risk exposure across the extended supply chain. Over 3.5 million businesses are at risk from this one attack: beyond thousands of direct customers of Blue Yonder, 800,000 suppliers to these companies and an additional 2.7 million that supply those suppliers are all within the blast radius of the attack.
Without visibility and monitoring, the supply chain is the snake in the grass for exposing your business to serious risk.”
– Ted Krantz, CEO of interos.ai, the AI-powered supply chain risk intelligence company
According to Interos data, of these 3.5 million companies across Tier 1, Tier 2, and Tier 3, over 36% of them are in the United States, but potential disruptions could reach much farther than that.
These 3.5 million distinct companies represent over 40 million customer relationships between buyers and suppliers.
Almost 9% of the companies are located in India, 8% in the United Kingdom, and 4% in Germany.
The top five potentially exposed industries among these companies include:
- Business Management Services
- Software and IT Services
- Consumer Goods
- Architectural, Engineering, and Design Services
- Building and Civil Engineering Construction
Finastra Breach: Could Impact Up to 3.4 Million Companies
Interos tracked the Finastra breach and identified that over 25% of the world’s 100 largest banks are directly supplied by the compromised company.
This analysis surfaced hundreds of banking and financial services companies that could be directly impacted by the Finastra breach, including private banks, national banks, and even international development banks.
When analyzing the extended impact, the number of potentially disrupted companies skyrockets.
Across Tier 1, Tier 2, and Tier 3 of Finastra’s downstream supply chain, Interos identified over 3.4 million distinct companies that could be impacted directly or indirectly by the Finastra breach through supplier-customer relationships.
Interos also identified over 778,000 companies that are supplied by one of Finastra’s direct customers (Tier 2), and over 2.6 million companies supplied by those companies (Tier 3).
Cyber Seasonality: End-Of-Year Holidays Spike in Cyber Attacks
Unfortunately, there is traditionally an end-of-year holidays’ spike across a wide range of malicious cyber activity.
The Cybersecurity and Infrastructure Agency (CISA) recently released tips exactly for this reason and to help individuals and companies stay safe online during the holiday season.
From email scams to social media supply chain attacks, it’s important to understand the threat landscape and be cyber secure and aware of the risks.
For businesses, these attacks could be devasting and far-reaching – to the tune of $100 million.
Interos’ data shows ongoing supply chain disruptions cost enterprises $100 million in annual losses on average.
Before disaster hits, Interos’s critical risk intelligence platform helps companies mitigate the financial impacts of multi-tier risks like cyber attacks by continuously mapping and monitoring extended supply chains at speed and scale.
Learn how you defend against digital threats. Speak to an expert today.