What’s Causing Port Backups and Shipping Delays? – Interos

By Alberto Coria

Since 2020, shipping delays have been one of the defining supply chain disruptions of the pandemic era. For several years those delays could be largely attributed to port backups, with cargo ships stuck in long backlogs, waiting to dock and unload containers.

Now, the chokepoint has moved further downstream to the “dwell times” containers are facing at ports before being shipped to warehouses. These dwell times have grown due to a nationwide shortage of intermodal chassis (the unique trailer trucks use to move shipping containers between ports, railways, and shipper facilities) which has caused railyards to become congested and affected their ability to accommodate shipments from ports.

While labor issues have not yet become a critical factor in port or railyard congestion, disputes with unions still linger and pose a potential operational disruption in the future. Understanding the complexity of the situation at U.S. ports is critical for protecting your supply chain, as is investing in resilience-focused technologies that enable insight into that complexity.

In this blog, the analysts from Interos dive deeper into the causes behind increased dwell times, and the ripple effect they’re having across the entire U.S. supply chain.


U.S. ports have now reduced the backlog of ships waiting in port by an average of 70%, but the issue now lies in dwell times, which is how long goods must sit at ports before they can be transported to warehouses or their final destinations. Due to an ongoing backlog at railroad terminals such as in Chicago, ports don’t have the capacity to move goods out of their ports fast enough once they are unloaded off ships.

Shortage of Intermodal Chassis

An intermodal chassis is a rubber-tired trailer under-frame on which a container is mounted for truck transport and is necessary to transport containers from ocean or rail to truck. A nationwide shortage of intermodal chassis is one of the key drivers behind rising dwell times at ports. Additionally, a surge in shipments that has elevated the need for intermodal chassis in the U.S. has occurred at the same time as U.S. tariffs have reduced the imports of chassis units from China. The tariffs, which were announced in September 2018, caused chassis imports from China to decrease by 25,000 – 30,000 units in 2019, with American manufacturers failing to increase production at levels needed to replace the lost units.

Line graph showing chassis imports over time.

Surge in China Shipments

As COVID-19 emerged in China and became a worldwide pandemic in March of 2020, shipments from China to the U.S. dropped. With COVID regulations in the U.S. also beginning to take effect, port labor was furloughed or cut. Once trade resumed, port workers were slow to return to work as shipments began to rise again, creating a backlog of ships waiting to dock at U.S. West Coast ports. This backlog was only reduced to normal levels at the end of Q2 2022.

Line graph showing a rise in Shipments from China over the course of 2019 - 2022.

When the port of Shanghai was under lockdown due to China’s “zero-COVID” policies in May and July of 2022, shipments slightly dropped before surging upwards to levels typically only seen during the holiday season in the U.S. ($48.6 billion USD in June 2022, similar to $49.9 billion USD in December of 2021).

As shipments from China to the U.S. were continuously rising, a surge of imports after the Shanghai port closure occurred at the same time as a national intermodal chassis shortage was occurring in the United States. Railroad terminals had a backlog of containers as they could not find intermodal chassis to offload the containers to trucks, forcing them to reduce shipments from ports, and in turn, causing the dwell time for containers at ports to rise.

Railroad Congestion and Port Dwell Times

Due to the shortage of intermodal chassis in the U.S., railroad terminals such as Chicago are not able to offload their cargo to trucks and have containers sitting on railcars in their terminals, which is, in turn, limiting their ability to take in more shipments from ports.

Chicago’s railyard is the world’s third busiest intermodal hub, where nearly a quarter of the U.S.’ rail shipments arrive or pass through. Chicago is also one of the nation’s prime distribution hubs, as it is within a 500-mile journey of about one-third of the U.S. population. With Chicago playing such an important role within the freight railroad ecosystem, its congestion is one of the key drivers behind the rising dwell times at key U.S. ports such as LA, Long Beach, Savannah, New York, and Charleston.

Another issue causing Chicago’s railyard to experience such high congestion has been a pandemic-driven decrease in the number of rail workers, while railroad operators simultaneously moved to implement precision-scheduled railroading (PSR). PSR is a strategy for railroads to drive more efficient operations on fixed schedules, with the intent to use fewer railcars, and fewer terminals, and provide predictable and reliable service. However, the PSR implementation effectively made railroad operators unable to deal with fluctuations in the supply chain, and with the recent surge of shipments from China, the industry has found itself to have a shortage of equipment to deal with the surge.

In some ways, PSR is a microcosm of the bigger-picture supply chain problems created by the dominant Just-in-Time (JIT) inventory/operational model that has dominated international trade and manufacturing for the past forty years. The JIT model also leverages highly precise scheduling and demand forecasting to minimize storage and shipment costs, prioritizing efficiency over most other metrics for success. Like PSR, the JIT model similarly buckled under the unpredictable demand spikes crated by COVID. Taken together, the failure of both of these systems makes the case that resilience must demand equal or even greater priority than efficiency.

Labor Issues

In contrast to the ongoing infrastructure issues causing port and railyard congestion, labor disputes for both industries appear to be negotiated in good faith by port and rail operators. The majority of labor disputes are regarding port or rail operators seeking to purchase equipment that increases the level of automation in their operations, and therefore threatens the jobs of union workers. As government investment into U.S. infrastructure increases, it is likely that the number of unions filing labor disputes against proposed automation will increase. Interos recommends continuous monitoring of these labor disputes.

Current Labor Market

Interos analyzed official employment data from the U.S. Bureau of Labor Statistics from 2012 – 2021 and found the data suggests that employment in 2020 dropped significantly since 2019 due to the COVID-19 pandemic, but it is not yet at a level of critical risk.Line graph showing jobs in rail transportation over time.

Interos also analyzed employment data for port labor for the years 2012-2021 and found the data suggests that employment levels for port workers dropped significantly since 2019 due to the COVID-19 pandemic but is not yet at a level of critical risk.

Line graph showing water transportation jobs over time.

Potential Outcomes

The chokepoint causing congestion at ports and railyards has moved downstream from backlogs of ships waiting to dock to long dwell times and overflowing railyards. The congestion is also now apparent at ports throughout the U.S. as opposed to just being a West Coast port problem as it was in 2020 and 2021. Interos has modeled three hypothetical scenarios representing possible outcomes:

Best: Government-funded infrastructure projects are implemented quickly, and U.S. intermodal chassis producers meet demand within 6-12 months. The long dwell times and congested railyards are likely to diminish within 12 months in this scenario.

Moderate: Government-funded infrastructure projects are implemented within 2-3 years and U.S. intermodal chassis producers meet demand within 12-18 months. The long dwell times and congested railyards are likely to diminish within two years in this scenario.

Worst: Government-funded infrastructure projects take over 4 years to be implemented, U.S. intermodal chassis producers meet demand within 2-3 years, and the port and rail unions implement a labor strike. In this scenario, the long dwell times and congested railyards are likely to continue for up to four years before diminishing.


Despite massive reductions in cargo ship backups, major U.S. ports and railyards still face significant delays due to supply chain issues surrounding intermodal chassis availability, a workforce that is still slowly recovering from COVID-driven layoffs, and the adoption of new railyard technologies that prioritize efficiency over resilience.

Despite popular belief, labor disputes currently have relatively little influence over these delays, though that may change as both the implementation of — and opposition to — automated port and rail technologies increases.

With enough government investment in critical infrastructure, and a more widespread adoption of resilience-focused approach to operations alongside the technologies that enable it, these delays could be greatly reduced within a matter of twelve months. However, a failure to do so will likely mean continued shipping delays for many U.S. industries and consumers.

To learn more about the potential impacts of supply chain disruptions and what companies are doing about it, check out our annual industry survey, Resilience 2022.

The Global Supply Chain & Operational Resilience are Bigger than Protectionism

By Geraint John

Since the U.S.-China trade war kicked off in early 2018, “supply chain resilience” has become a top agenda item for procurement leaders, company bosses and legislators alike.

The case for resilience has been massively strengthened during this period by the COVID-19 pandemic, severe semiconductor shortages, and most recently Russia’s invasion of Ukraine.

But what started out as a largely operational effort by businesses to shore up fragile supply chains is in danger of being subsumed by political considerations, as governments pour money into favored firms on home soil in an attempt to reverse globalization.

In this febrile atmosphere, advocates of operational resilience need to guard against attempts to narrow its focus unduly to national interests and protectionist trade policies.

Globalization & bringing production ‘back home’

Recent years have seen a growing debate about whether globalization — a 30-year-plus stretch in which hundreds of thousands of firms shifted production to far-flung destinations in search of cost efficiencies — is in retreat.

Bringing sourcing and manufacturing activity back to home countries (onshoring or reshoring) or neighboring ones (nearshoring) is seen as proof that global supply chains are not the panacea they once were.

After several false starts, in which there has been plenty of talk but relatively little action, Wall Street is now pointing to evidence that suggests a reverse trend may finally be real. 

Last month, analysts at Bank of America and Barclays were among those who noted a growing number of references to reshoring by CEOs and other senior executives at S&P 500 companies during second-quarter earnings calls.

Data from Bloomberg shows a 1,000% increase in use of the terms onshoring, reshoring, and nearshoring in these calls compared with pre-pandemic levels (see chart).

Coming Home: Supply chain shifts get more attention during corporate presentations.

The business drivers for changing global operating models in this way include:

  • A closing of wage differentials between offshored locations — especially China — and home nations
  • More expensive logistics costs to transport components and finished goods by air and sea
  • Extended lead times and shortages of materials and labor caused by COVID lockdowns and other disruptive events
  • The need to respond more quickly to evolving customer requirements in local markets 

An expanding national security agenda impacts operational resilience

At the same time, governments in the U.S., Europe and elsewhere are pushing for the rebuilding of domestic supply chains in the name of national security and self-sufficiency.

In practice, this means reducing dependence on China and Russia as tensions escalate and a largely stable and benign era of international free trade is fractured by the battle for global economic and geopolitical supremacy.

Russia’s war in Ukraine highlighted just how reliant many countries are on it for supplies of oil and natural gas, as well as many critical industrial and agricultural commodities.

China, meanwhile, remains the world’s preeminent manufacturing base, and an electronics powerhouse that dominates supply chains for everything from 5G networks to lithium-ion batteries.

Both countries have been subjected to an ever-growing list of Western sanctions and export controls, with Russia essentially closed for business and China’s access to U.S. and European chip-making equipment and related technologies heavily restricted.

U.S. House Speaker Nancy Pelosi’s controversial visit to Taiwan at the beginning of August shone a spotlight on that island’s almost total control of advanced semiconductors — used not only in the latest smartphones, but also cutting-edge military systems — and its vulnerability to a Chinese takeover.

A&D semiconductor supply chains rely on Taiwan and China

An analysis of Interos’ global relationship platform data shows that:

  • The major U.S. aerospace & defense (A&D) companies each have as many as 85 direct (tier-1) relationships with semiconductor suppliers 
  • The vast majority of these tier-1 relationships are with U.S.-headquartered companies, led by the likes of Intel, Broadcom and Nvidia 
  • At the tier-2 level, big Taiwanese chip makers such as Taiwan Semiconductor Manufacturing Co. (TSMC), Advanced Semiconductor Engineering (ASE) and United Microelectronics Corporation (UMC) have hundreds of connections to U.S. A&D supply chains  
  • SMIC, China’s largest semiconductor manufacturer, has over 300 connections to tier-1 suppliers serving U.S. A&D customers, and there are many other Chinese-owned suppliers present in these supply chains at tiers 2 and 3

In a survey conducted by Interos in the first quarter of 2022, U.S.-based respondents in A&D said that, on average, almost two-thirds (64%) of their suppliers were located outside North America, with 16% in Asia (see chart below).

They expected just over half (53%) of these contracts to be reshored or nearshored during the next three years.

Location of U.S.-based A&D companies' suppliers.

Public subsidies incentivize regional production

Regionalizing semiconductor manufacturing to reduce over-concentration in Taiwan makes sense to the West for risk diversification and national security reasons — particularly in the light of China’s extensive live-fire military drills in the area following Pelosi’s visit.

Manufacturers such as TSMC, Intel, Samsung, and Micron are being showered with billions of dollars in public subsidies to build fabs in the U.S., buoyed by the recently passed CHIPS and Science Act

It’s a similar story for the lithium-ion batteries needed to power a new generation of electric vehicles (EVs) and clean energy solutions. 

The climate measures of the new Inflation Reduction Act promise over $15 billion in subsidies for EV and other manufacturers to expand capacity within the U.S. 

As it stands, this legislation goes further in a bid to reduce dependence on China by withdrawing consumer tax credits from vehicles that contain Chinese battery components (in other words, most of them).

In practice, however, replicating entire supply chains onshore, whether for silicon chips or lithium-ion batteries, is likely to be prohibitive for both cost and time reasons, putting operational resilience in jeopardy.

An in-depth article by Nikkei Asia lays bare the fact that semiconductor supply chains are reliant on a complex network of specialist sub-tier suppliers, not all of whom are going to set up shop next door to shiny new wafer plants.

The U.S. government appears to accept that domestic supply chains have their limits, judging by recent speeches from top officials.

Treasury Secretary Janet Yellen and Trade Representative Katherine Tai are among those who have been busy promoting the virtues of “friendshoring” — doing business only with trusted allies and not authoritarian regimes.

While this concept, and government intervention to support domestic production, seem like sensible strategies to boost supply chain resilience in critical industries, they have come under fire from a number of respected commentators.

Earlier this month, Financial Times trade columnist Alan Beattie questioned whether fashioning an anti-China trading bloc will really be that simple and argued that subsidies and tax credits have the potential to distort markets and increase prices.

And a cover story in The Economist on reinventing globalization warned: “The danger is that a reasonable pursuit of security will morph into rampant protectionism.”  

Resilience is about more than security

Where does all of this leave procurement, supply chain, and operational resilience leaders? 

For starters, they should be wary of attempts by some politicians and journalists to equate supply chain resilience solely with re/near/friendshoring and national security (including in the otherwise excellent Nikkei article mentioned earlier).

Research by the International Monetary Fund (IMF), discussed in a previous blog, concluded that diversifying sources of supply abroad is a more effective way of building resilience than concentrating it at home. 

This finding is supported by a newly published Gartner survey of 400 global supply chain leaders, which found that diversification away from China to other low-cost countries in Asia was more prevalent than nearshoring to developed markets.  

A balanced view of supply chain resilience in a changing trade environment comes from Christine Lagarde, a former IMF boss who is currently President of the European Central Bank.

In a speech in Washington, DC, in April, Lagarde pointed to “three distinct shifts in global trade”:

  1. Reducing dependence and geographic concentration risk by diversifying suppliers, stockpiling essential materials, and operating “just-in-case” supply chains.
  2. Focusing less on cost efficiency and more on supply chain security through industrial policies and other government measures.
  3. Developing regionalized import-export and risk-sharing models where the first-choice “rules-based multilateral trading system” no longer functions effectively.

Three Distinct Shifts in Global Trade: Dependence to Diversification, Efficiency to Security, and Globalization to Regionalization.

Lagarde argued that the goal for Europe should be “open strategic autonomy” — defined as striking “a careful balance between insuring against risk in areas where our vulnerabilities are excessive and avoiding protectionism”.

At a time when the benefits of globalization and free trade — including prosperity, innovation, openness, and integration—– are under attack, this is a message that the U.S. and other developed economies would be wise to embrace.

To learn more about how the Interos platform can help your firm face challenges relating to globalization, supply chains, and operational resilience, visit interos.ai.

Battery Supply Chains’ Reliance on China threatens the Electric Revolution

By Geraint John

Global sales of electric vehicles (EVs) hit the accelerator pedal last year, with their market share speeding past 10% of new car registrations in the first half of 2022.

That’s great news for the planet, since passenger cars account for more than 40% of total carbon dioxide emissions annually worldwide, whereas EVs emit zero.

But from a supply chain perspective, the rapid growth of EV sales poses two particularly significant and worrisome challenges:

  1. The supply of key raw materials used to make rechargeable lithium-ion (Li-ion) batteries – the most important component in every EV – is not expected to keep up with demand.
  2. The processing of these raw materials and battery production are both dominated by China, at a time when geopolitical tensions are rising and developed economy governments want to reduce their strategic dependence on the country.

The importance of building a strong EV supply chain strategy

In recent months, the CEOs of several auto makers, including Tesla, Rivian and Stellantis, have spoken out about a looming supply shortage of Li-ion batteries during the next 3-5 years – one potentially far worse than the current semiconductor crisis.

Their concerns center around a projected deficit in the availability of lithium and cobalt – two of the main ingredients in battery cells – along with a lack of future capacity to refine these materials and manufacture the much higher battery volumes required.

Last week, the world’s biggest producer of lithium for EV batteries warned of a tight supply market for the rest of this decade.

High demand and constrained supply have already caused significant raw material inflation, particularly for lithium. Prices for battery-grade lithium carbonate are up 375% year on year, and 116% in 2022, according to Benchmark Mineral Intelligence (BMI).

Raw materials now make up 80% of the cost of a Li-ion battery, reports BMI – double the share in 2015.

This has forced auto makers to raise list prices for EVs, and at least temporarily halted the notion that lower battery costs will make EVs more affordable for consumers.

Lithium prices have spiked sky-high

The EV battery supply chain is dependent on China and Russia

Concentration risk is also a major concern. The latest global mining data shows that extraction of cobalt, graphite and lithium are highly concentrated in the Democratic Republic of the Congo (DRC), China and Australia respectively, based on the Herfindahl-Hirschman Index.

The DRC, which produces 70% of the world’s cobalt supply, is tainted by the use of child labor. And the second biggest source of cobalt is Russia, which is also the leading producer of battery-grade nickel.

Concentration risk for Li-ion batteries becomes even more pronounced further downstream in the supply chain. A new report by the International Energy Agency (IEA) notes that China:

  • Owns more than half of the world’s processing and refining capacity for lithium, cobalt and graphite.
  • Controls 70% of global production capacity for cathodes and 85% for anodes – the two key battery components.
  • Manufactures three-quarters of the world’s supply of Li-ion batteries, and accounts for 70% of new production capacity set to be added through 2030.

China dominates the entire downstream EV battery supply chain.

An Interos survey of 750 procurement executives in Q1 found that 85% were concerned that their supply bases were too concentrated in certain geographic regions, such as China.

A similar share of participants in the aerospace & defense (A&D) and IT & technology sectors – both also significant users of Li-ion batteries – took the same view.

Chinese producers are heavily embedded in key industry supply chains

An analysis of Interos’ global relationship platform data reveals that:

Battery Supply Chains' Reliance on China threatens the Electric Revolution.

  • Almost 300 A&D entities in the U.S., Europe and Japan have the leading Chinese lithium firms Ganfeng Lithium Co., Tianqi Lithium Corporation and Zijin Mining Group in their supply chains.
  • China’s primary cobalt miner – and the world’s second largest after Glencore – China Molybdenum indirectly supplies a slew of leading automotive components, car manufacturing and A&D firms operating in Japan and China.
  • Almost 167,000 U.S., European and Japanese firms have indirect (tier-2 or tier-3) relationships with Chinese cathode and anode components firms, notably Ningbo Shanshan, BTR New Materials Group Co., Shenzhen Capchem Technology Co. and Tianjin B&M Science and Technology Co.
  • Almost 500 technology and automotive manufacturers in the U.S., Europe and Japan use the top three Chinese Li-ion battery makers, Contemporary Amperex Technology Co. (CATL), BYD and China Aviation Lithium Battery Co. (CALB).
  • South Korean battery makers LG Energy Solution, Samsung SDI and SK Innovation are rated as “low risk” (average i-Score of 79), whereas Chinese battery makers BYD and CALB are rated “medium risk” (average i-Score of 63).

Alternative strategies deployed by governments and OEMs

The dependence on Chinese refining, component and battery manufacturers is of concern not only to companies, but also to many Western and Asian governments.

Last year the U.S. Department of Energy published a blueprint for lithium-based batteries. In the context of a market that is expected to grow 5-10 times in size by 2030, it calls for the development of a domestic supply chain to support EVs, electrical grid storage, aviation and national defense.

The plan includes more secure access to raw materials; the elimination of cobalt and nickel from battery formulas; and the expansion of onshore processing, cell production, pack manufacturing and recycling capacity.

Lithium-Based Battery Supply Chain.

Source: National Blueprint for Lithium Batteries, 2021-2030, Federal Consortium for Advanced Batteries

The European Commission unveiled a similar strategy back in 2018, while in Japan the Battery Association for Supply Chain was established last year, with 55 member firms spanning all industry segments, to develop policy recommendations.

Auto makers aren’t waiting around for national governments to reshape battery supply chains. Many are now pursuing their own strategies in an effort to head off future supply chain disruptions. The two main ones are:

  • Direct sourcing from mining companies. During the past 12 months, Tesla has signed contracts with lithium, nickel and graphite miners, including BHP and Vale, as it ramps up its battery raw material purchasing. BMW and General Motors have each made multi-million dollar investments in lithium mining projects, while Ford, VW, Renault and Stellantis have all done their own lithium supply deals. GM has also signed a multi-year agreement for cobalt with Glencore.
  • Diversification of battery manufacturing.S., European and Japanese OEMs are also extending their cell components and battery pack production capacity outside China. Suppliers Panasonic, LG Energy Solution and Samsung SDI have announced new battery manufacturing plants on the U.S. east coast. Redwood Materials, an electronics recycling specialist, is building a new cathode material plant in Nevada, close to Tesla’s Gigafactory. And Europe’s Northvolt is planning new factories in Germany and Sweden.

Changing battery chemistries is another strategy being pursued by auto makers such as VW and Tesla to improve range, lower costs and reduce dependence on raw materials such as cobalt. But, as with the development of new manufacturing plants, this will take several years to fully implement.

In the meantime, vertical integration – a characteristic of the early automotive pioneers, but out of fashion in recent decades – seems to be the order of the day, as the industry seeks to minimize its vulnerabilities and regain control of electronics supply chains.

West Coast Port Uncertainty a Headache for Supply Chains

By Geraint John

American companies whose supply chains rely on the country’s West Coast ports for imported goods from Asia currently face multiple sources of disruption.

Last week, truckers blockaded the port of Oakland – the ninth busiest in the U.S. – in protest at a new gig-economy law passed by the state of California, which they say will damage their pay and conditions.

Four hundred miles to the south, at the ports of Los Angeles and Long Beach, tens of thousands of containers are backed up on the dockside waiting for freight trains to transport them to customers across the U.S.

These latest delays come at a time when weeks of negotiations between West Coast port management and dockworkers on a new multi-year labor contract have yet to reach an agreement. The existing contract, covering 29 ports, expired on 1 July.

Although the Pacific Maritime Association, which represents employers, and the International Longshore and Warehouse Union, which represents more than 22,000 dockworkers, say work at the ports continues as normal, the risk of disruption remains a real concern.

The last time negotiations broke down, in 2015, West Coast dockworkers went on strike for more than a week, causing gridlock and saddling U.S. firms with billions of dollars of additional logistics costs and lost business.

Port strikes would exacerbate supply chain disruptions

Any industrial action at West Coast ports would exacerbate the current backlogs. At LA and Long Beach, the two biggest U.S. ports by cargo volume and value, almost 30,000 containers are waiting for a train – three times the normal figure.

Average “dwell times” – the period between a container being unloaded from a ship and taken away by road or rail – are now more than a week and growing.

The seriousness of the issue for U.S. supply chains was underlined by President Biden’s personal visit to LA last month to encourage a swift resolution of the port negotiations, and the fact that his administration has intervened to try to head off potential rail strikes.

Problems on the U.S. West Coast follow weeks of disruption at key originating ports in China, as cities such as Shanghai and Shenzhen have locked down as a result of the country’s strict zero-COVID policy.

An analysis of bills of lading data on Interos’ Resilience platform shows that:

  • More than 51% of the 3.3 million-plus shipments into LA, Long Beach and Oakland in 2022 so far came from China.
  • Shanghai and Yantian (Shenzhen) are the two major ports serving the California trio, accounting for 36% of total inbound shipments.
  • Ningbo port in China and Hong Kong each account for a further 8% of shipments, while Kaohsiung in Taiwan and Busan in South Korea both represent more than 6%.
  • After China and Hong Kong, Taiwan is the third biggest exporter by volume serving these three West Coast ports, followed by South Korea, Vietnam and Japan.

According to the Port of Los Angeles, of the 10.7 million containers and $294 billion of cargo value it handled in 2021, the top five imports were furniture, automotive parts, apparel, plastics and footwear.

Together with its Long Beach neighbor, it accounted for almost three-quarters of West Coast port trade and 31% of the U.S. national total.

When Oakland and the other 26 West Coast ports are included, they collectively handle around 60% of all imports coming into the U.S. from Asia.

West Coast ports rank bottom of the class

However, what these impressive figures mask is the woeful inefficiency and low productivity of West Coast ports.

In the Container Port Performance Index 2021, compiled by the World Bank and S&P Global Market Intelligence, LA and Long Beach were ranked last and second last among the 370 global ports assessed.

Oakland didn’t fare much better, taking 360th place in the statistical analysis of a range of port operations and management factors.

These dreadful results highlight both the urgent need for investment in port infrastructure and the fact that any labor problems will quickly have a negative impact on dependent supply chains.

These include not only retailers in segments such as toys and household goods, but also technology, automotive and aerospace & defense manufacturers.

Separately, the Port of LA last week revealed that the number of cyber-attacks it is being subjected to has almost doubled since the pandemic began.

Executive director Gene Seroka told the BBC his port was experiencing around 40 million attacks every month, and that it was working closely with the FBI to improve its cyber resilience.

Workarounds available, but at a price

Companies affected by West Coast port disruption have several options:

  • Alternative ports: Faced with shipment delays and heightened risks, some companies have been switching cargo to ports on the East Coast, as they did in 2014 and 2015. This is despite it costing about 33% more to ship a container from China to ports such as New York and New Jersey, and longer journey times that add around 10 days to a trip.
  • Airfreight: For urgent, high-value goods and smaller volumes, airfreight is an obvious alternative to ocean shipping – albeit at a cost that can be up to five times higher. China’s recent COVID-19 lockdowns slashed cargo capacity from major airports such as Shanghai, although logistics experts say this has recovered and that weak demand is now more of an issue.
  • Building Inventory: To get ahead of supply chain disruptions, many U.S. retailers have built up high levels of inventory in recent months – a strategy now being called into question as consumer demand weakens.

Big manufacturing firms have pursued a similar approach. A recent analysis of more than 2,300 publicly listed manufacturers found that inventories were at an all-time high of almost $1.9 trillion.

Despite these options, U.S. companies remain heavily dependent on West Coast ports for supplies of raw materials, components and finished products from China and other Asian countries.

They will be keeping their fingers crossed that the current labor and logistical issues can be resolved quickly and that they don’t cause further supply chain disruptions this year.

To learn more about the potential impacts of global supply chain disruptions, including the cost of port disruption, check out Interos’ annual market research report, Resilience 2022

Uyghur Forced Labor Prevention Act (UFLPA) & ESG Violations

CBP Implements UFLPA: The Newest Law Targeting Supply Chain Washing and ESG Violations

On Monday, the United States’ Uyghur Forced Labor Prevention Act (UFLPA) goes into effect. Focused on a controversial region in northwest China, the landmark law creates a presumption that any products “manufactured wholly or in part” in Xinjiang are made with forced labor. It bans all imports from the territory unless a company can prove otherwise.

The guidance sets out the US Customers and Border Protection (CBP) agenda of enforcement and prioritizes investment in supply chain visibility technology and “digital traceability.” It also explicitly bans US companies from importing any products from a list of 20 newly named Chinese companies (many of which are based in Xinjiang), unless the importer proves the goods were not made with forced labor. The list of restricted companies is expected to grow as further labor violations are uncovered, and as named companies adopt aliases to evade detection. Interos is adding these restricted entities to our platform to help customers ensure they’re not in violation.

The law is the latest and boldest attempt to combat an increasingly common practice known as supply chain washing – the concealment of critical information about how products and services are sourced and sold.

While bad actors are certainly responsible for a significant amount of supply chain washing, even companies that believe they are acting in good faith can inadvertently violate sanctions, restrictions, and export controls through hidden unknown relationships in their supplier or customer networks.

UFLPA Compliance: Concerns Over Supply Chain Washing, Supply Chain Visibility, Rise 

The implementation of the UFLPA comes at a time when outcry over supply chain deception is high, as much of the world witnesses China’s persecution of the ethnic minority Uyghur population in Xinjiang. The U.S. has described China’s treatment of Uyghurs as genocide.

The UFLPA is part of a series of growing global regulatory actions requiring organizations to act on ESG hazards in their supply chains.

Global supply chains could be significantly impacted by the new law, since Xinjiang is one of the world’s largest producers of cotton as well as polysilicon, which is used to manufacture solar panels.

These growing regulatory dynamics are creating a new urgency to comply with the UFLPA and the many other anti-supply chain washing laws being passed around the world. In their enforcement strategy, CBP specifically cites supply chain washing as a concern, stating that “manufacturing processes and multi-tiered supply chains can further obscure the use of forced labor inputs by incorporating them into legitimate manufacturing processes… Such goods could then be exported from a third country to the United States as a means of obscuring or “laundering” the importation of tainted raw materials from Xinjiang.”

The shifts require organizations take a multi-pronged approach to reduce related supply chain risk.

UFLPA Forces Extra Due Diligence and Required Documentation

  1. To comply with the law and overcome the rebuttable presumption, importers with exposure to Xinjiang need to implement a heightened due diligence process for supply chain tracing. The UFLPA requires a significant, risk-based supply chain diligence program, including a written code of conduct, an ongoing monitoring and compliance program and plans on how to remediate violations. The evidence required to demonstrate supply-chain tracing is extremely detailed and requires very extensive mapping and documentation.
  2. A substantial portion of CBP’s guidance focuses on prioritizing “cutting-edge technologies to identify and trace goods made with forced labor, specifically those technologies that support enhanced visibility into trade networks and supply chains that source goods or materials made with forced labor.”
  3. The Forced Labor Enforcement Task Force (FLETF) has issued detailed guidance on “due diligence, effective supply chain tracing, and supply chain management measures” aimed at avoiding the importation of goods produced with forced labor in Xinjiang. CBP points to the Department of Labor’s Comply Chain as a template for a compliant due diligence program.
  4. Supply chain leaders should only expect the need for compliance to rise with future guidance, as CBP makes clear in their release of intent to gather “foreign corporate registry data to map the structure of multinational companies and their global corporate networks.”

Anti-Supply Chain Washing Laws are On the Rise Globally

The UFLPA is far from the only sign that global regulators are cracking down on supply chain washing.

The US Securities and Exchange Commission has proposed rules to dramatically increase ESG disclosure requirements, and is taking a much stricter approach towards enforcement, probing large investment firms’ so-called sustainability funds

Take the example of S&P: In late March S&P settled allegations that it violated U.S. sanctions on Russia when it continued to extend credit to Rosneft, the country’s leading oil and gas company. Or examine recent incidents where components sourced in the UK and Germany were found in Russian warfare machinery being used against the people of Ukraine.

It’s simply not enough to know just who is in your supply chain and what they are doing. You also need to know about where your own products end up.

Supply Chain Washing Can Occur Anywhere

Xinjiang is far from the only area of the world generating concern over supply chain washing: On June 29, the Financial Times published a story highlighting evidence that strongly suggests that Russia may be using concealed/intentionally mislabeled shipments to export stolen grain from Ukraine through already-sanctioned ports in Crimea. Authorities admit confirming whether or not these shipments contain looted grain is difficult, and that ships containing sanctioned goods will often directly transfer cargo to other vessels once at-sea to avoid detection.

Despite these difficulties, accepting shipments of potentially sanctioned goods creates massive risk for large companies. In an interview with the Financial Times, Aline Doussin, a partner at Hogan Lovells, stated that even companies in locations that have not directly placed sanctions on Russia “might find that large multinational companies from those places stop trading with them over concerns that they were indirectly trading with sanctioned entities.”

German Law Shows Trend in Supply Chain Accountability 

Germany’s Supply Chain Law takes effect January 1, 2023. That law requires any company doing business in Germany to vet both their direct (Tier 1) and indirect (Tier 2) suppliers for compliance with core human rights and environmental protection measures – or face fines of up to 2% of their global revenue.

In analyzing companies subject to the German law, Interos found approximately 53% have problematic ESG scores using a proprietary scoring method that dynamically assesses an organization’s risk.

Although other European Union member countries are not yet in agreement on the terms of such legislation, it is likely the E.U. will follow with similar anti-supply chain washing laws in the near future.

ESG Supply Chain-related Disruptions Remain Expensive

The Interos 2022 Annual Global Supply Chain Report revealed that ESG-related issues currently cost companies, on average, $35 million per year – and those costs will rise as more anti-supply chain washing laws are enacted.

But many aspects of global supply chains are complex and opaque: most organizations only have visibility of their first- and second-tier suppliers.

Almost one-third (30%) of respondents to Interos’ annual survey said they would only know about an ESG violation in their supply chain if it occurred at their first tier of suppliers – not beyond.

Awareness of ESG issues in a company’s supply chain is no longer optional. Ignorance is not only costly financially and reputationally, but it can also put a company out of compliance with governmental regulations.

The Uyghur Forced Labor Prevention Act is just the beginning

The UFLPA is just one piece of a growing body of global legislation aimed at cracking down on unsound business practices, and the supply chain washing measures used to conceal them.

With new regulations being implemented every day, the already-high cost of noncompliance and poor supply chain visibility is only going to rise – but most organizations still report limited visibility of their suppliers, and a majority have ESG scores indicating noncompliance with some emerging laws.

Organizations will need to invest in capabilities and tools that give them continuous visibility over their direct and indirect suppliers and buyers. CBP’s guidance specifically states that the organization will invest in “enhanced supply-chain tracing technology that can connect imported goods to Xinjiang and other parts of the world at high-risk for forced labor. CBP also plans to invest in advanced search engines that may allow CBP to link known or suspected forced labor violators with their related business structures and transactions.”

As mentioned, Interos is adding the 20 entities named in Monday’s guidance to our automatically monitored entity list. We will continue to update our platform to assist with UFLPA compliance.

When it comes to sustainability and supply chain washing, the tide is clearly turning. Businesses that invest in powerful technology solutions and build robust compliance programs will be able to embrace this change with open arms. Those that ignore this wave of change, do so at their peril.

How Interos Can Help

The video below shows how Interos customers can quickly check their exposure to Xinjiang and the companies sanctioned in the UFLPA with just a few clicks – and how to setup continuous monitoring groups to receive alerts should their risk exposure change.

Russia Natural Gas Exports, Gazprom, and Europe: Energy as a Foreign Policy Weapon

By Trevor Howe

As the Russian invasion of Ukraine continues, one of the biggest global impacts is unfolding through Russia’s natural gas exports — or the potential lack thereof. Namely, the relationship between Europe’s gas supply and Gazprom, a Russian state-owned enterprise (SOE), is a critical concern. 

In late March, Russian President Vladimir Putin announced that natural gas deliveries from Public Joint Stock Company (PJSC) Gazprom would need to be paid for in rubles by “unfriendly states.” Notably, this decree contradicted an overwhelming majority of contracts (97%) that European companies already signed with Gazprom (and its subsidiaries or affiliates), which stipulated that Russia natural gas exports would be paid for in either euros or US dollars. According to the demand, buyers of natural gas would have to open accounts with Gazprombank and pay for deliveries in euros which would be converted into rubles. 

While this could be interpreted as a breach of sanctions by some, the European Commission clarified that this process would not constitute a breach of sanctions so long as companies declared their contractual arrangements complete when payments were made in the agreed-upon currency in existing contracts.

Russian Gas Exports See Cutoffs to Bulgaria and Poland

Despite this existing route for sanctions regime compliance, both Bulgargaz EAD in Bulgaria and Polskie Górnictwo Naftowe i Gazownictwo S.A. (PGNiG) in Poland rejected Gazprom’s new payment process. Notably, both had already decided not to extend long-term contracts with Gazprom, leading the Russian SOE to announce on April 27 that it would no longer facilitate natural gas flows to either county. However, because these markets were closing at the end of the year, this was widely interpreted as a low risk “shot across the bow” to demonstrate that the Kremlin was willing to act on its threats. Other current Russian threats include the further deployment of nuclear weapons in response to Western efforts to aid Ukraine and the potential for an expansion of the North Atlantic Treaty Organization (NATO).

American and European officials have highlighted the Kremlin’s operationalization of energy as a foreign policy weapon to attain desired geopolitical aims or influence through thinly veiled blackmail and coercion. To decouple from its reliance on Russian energy and build structural supply chain resilience, the European Commission has prioritized identifying and switching to non-Russian energy suppliers in the wake of Russia’s invasion of Ukraine. However, shifting supply sourcing presents itself as a technical, long-term process requiring reliance on infrastructural capacity that has not yet been developed both in Europe and countries like Algeria, which can supply the continent with liquefied natural gas (LNG) alternatives. A report published in April by the Interos Business Analyst Team has taken a closer look at this issue.

Gazprom Exports to Europe & Compliance with the New Payment Process

To cope in the meantime and to avoid further significant disruptions to global supply chains, several European companies have opted to comply with Gazprom’s new stipulations for the sale of Russia natural gas exports. Although a complete list of companies to open accounts with Gazprombank has not yet been made publicly available, the Deputy Prime Minister of the Russian Federation, Alexander Novak, stated the public will receive a new list in the coming days. 

The Deputy PM stated that of the 54 European companies that Gazprom supplies, “about half of them have already opened accounts [in Gazprombank], one in foreign currency and one in ruble.” Companies which appear to have complied with the demand of payment for natural gas in euros to be converted into rubles include:

Company of Interest  Interos Resilience ID 
MVM CEEnergy Zrt.   N/A 
VNG Handel & Vertrieb GmbH   17e1344f-c114-4b18-ad1d-92ab80ca13fa  
RWE Supply and Trading GmbH   e28c889e-f99d-46f8-b126-2a2f9f5f0e33  
Uniper SE  78e28c84-a3eb-497d-a49b-752ca0e8d4f0  
Engie S.A.  ae88735a-4b96-451e-9d29-337da235b8cb  
Eni S.p.A.  210942de-5153-4b0c-a677-5c15d315b4a6  
OMV Gas Marketing & Trading GmbH  eb656a9d-b5c1-4f0e-999d-ea8d9d72d751 
ČEZ, a.s.   2e644251-5a5f-4a43-9e7a-d6713567352d  
Slovenský Plynárenský Priemysel (SPP) a.s.  78e574c5-e46e-4fcb-87bb-f2e885f1bda6 
Geoplin d.o.o. Ljubljana  b28f227a-29ce-43a9-a656-acbba73c6640 
DEPA Emporias S.A.   7fb8ca3c-96f8-483e-8116-773eb787559c 
Mytilineos S.A.  4f64a2d9-fc88-4da0-b08d-7853638f0b8a 
Public Power Corporation (PPC)  1f574b1c-ed79-4ba4-9801-59a0ebc2ba1f 
Prometheus Gas S.A.  11df5809-bf6a-40d5-95f7-db9b4c64d472 

Non-Compliance with Gazprom’s New Payment Process 

On the other side of the Gazprom Europe gas supply issue, the group of companies that have thus far refused to comply with Gazprom’s current ruble payment demand is under threat of natural gas cutoffs. On May 21, Russia suspended flows to Gasum Oy in Finland after a payment dispute. Clear geopolitical undertones were on display as Finland, in conjunction with Sweden, officially applied for membership to NATO just three days prior on May 18. 

While Finland relies heavily on Russia for imports, natural gas only accounts for approximately 5% of the country’s annual energy consumption. While this limits the effect of the shutoff, industrial sectors rely on the energy source heavily. Chemical companies like Neste Oyj, forestry companies like Metsa Board Oyj, and other Finnish companies in the food industry will need to secure alternative sources to avoid disruptions.

Shortly thereafter on May 31, Gazprom announced additional flow shutoffs to three more European companies who refused to comply with ruble payment demands. Those were:

Company of Interest  Interos Resilience ID 
GasTerra B.V.   3f761976-6724-4ecf-9c34-ca8636616451 
Ørsted AS   7e7c3b7a-b2ef-46d1-af99-a476afac9c2f 
Shell Energy Europe Limited   dbba945b-d763-4bc3-aba0-1782bbc66086 

Companies of Interest

GasTerra B.V. is a partial Dutch SOE, Ørsted AS is a Danish energy company focused on sustainable energy through wind and solar farms, and Shell Energy Europe Limited is a UK-based supplier whose recent cuts will deprive German buyers of 1.2 billion cubic meters per annum (bcma) of natural gas.

According to Eurostat, in 2020 the Netherlands relied on natural gas for 37.6% of its total energy consumption, importing 45% of consumed gas to meet demand. Of that 45%, roughly 30.3% came from Russia. Although this has exposed the country to vulnerabilities from Russian supply, the country appears to be taking steps to lessen industrial reliance on natural gas and to fill storage facilities ahead of next winter to 70% levels to avoid supply gaps.

While Denmark has experienced natural gas shutoffs, the country does not appear to import from Russia directly. Instead, according to Eurostat in 2020 Denmark imported 99.9% of natural gas from Germany, a country that imported 66.1% of its gas from Russia. While natural gas consumption in Denmark accounted for approximately 12% of total energy consumed in 2020, the country plans to quadruple green power production by 2030. This will boost green gas and temporarily hike domestic natural gas production to offset Russian imports as the country phases out natural gas.

Companies at Risk of Cutoffs from Gazprom

  • Companies that refuse to comply with Gazprombank’s new payment process.
  • Companies located in countries or territories the Kremlin deems “unfriendly.”
  • Companies with Gazprom supply contracts that expire this year which they have not extended or renewed.

Along with these metrics, one example of a company under potential threat of a cutoff from Russian natural gas exports is Edison S.p.A., an Italian company with a Gazprom contract for 1 bcma that expires this year. It appears the company will not seek to renew. As part of the European Union (EU), Italy is included in the Kremlin’s unfriendly states list. Edison also appears to be shifting away from Russian natural gas in favor of American LNG with a deal the company signed in 2017 to supply 1 million tons per annum from the Calcasieu Pass LNG export facility in Louisiana.

 “Global Direct Customers of Edison S.p.A.” The map spans North America, Europe, Africa, the Middle East, and Asia.

According to Interos data, Edison S.p.A. is a direct supplier for 69 companies worldwide. Although the company anticipates deliveries from Calcasieu soon, commercial operations from the Louisiana facility are not expected to begin until Q4 2022 or Q1 2023. Were cutoffs to occur soon against Edison, its operations could be disrupted for weeks if the company cannot secure interim supplies quickly. Therefore, this scenario could have adverse ripple effects in the supply chains that connect to Edison. In the case of cutoffs to Bulgaria and Poland, Gazprom already demonstrated its willingness to forgo a couple of months of revenue from a single buyer they would lose anyway to gain credibility to reinforce Gazprom’s threats against European gas supplies.

Cutoffs to Italy from Russia would be significant. In 2020, natural gas accounted for 40.5% of all energy consumption in the country, the highest of all EU countries. In the same year, Italy was 92.8% reliant on natural gas imports, 43.3% of which came from Russia. This dependence underscores the country’s vulnerability to any Russian gas shutoff, making the Gazprom Europe gas supply crisis more pressing. 

Natural Gas Consumption, Imports, and Russian Reliance of EU States

In 2020, the EU’s energy mix consisted of 35% oil and petroleum products, 24% natural gas, 17% renewables, 13% nuclear energy, and 11% solid fossil fuels. Natural gas is a significant fuel for electricity production and household heating, and it also serves as a vital input to multiple highly energy-intensive manufacturing sectors. Of all energy sources, natural gas is the fuel with the highest exposure to imports from Russia. In 2020, the EU received 46% of its natural gas imports from Russia to satisfy 41% of gross available energy derived from natural gas.Share of Natural Gas in Total Energy Consumption (%) and Natural Gas Import Dependency (%) by EU Country, 2020


Meanwhile, regional production has played a diminishing role in satisfying European natural gas needs over the past decade, which has made Gazprom’s disruption of European gas supply more urgent. From 2010 through 2020, natural gas production in the EU and the UK declined by more than 50%, from 18 billion cubic feet per day (Bcf/d) in 2010 to 9 Bcf/d in 2020. This significant decline has resulted from resource depletion and government initiatives to fully phase out natural gas production in favor of other sources such as solar and wind.

As a result, Italy is not alone in its vulnerability to vacillations in the Russian natural gas supply; in 2020, Russian natural gas exports served as 25% or more of overall natural gas imports for at least 16 EU countries, according to Eurostat.

Currently, Romania imports less natural gas than most other EU countries. Moreover, the development of the Black Sea gas fields would make Romania the European Union’s biggest natural gas producer. In 2020, Romania published a new strategy document emphasizing an increase in gas-fired power generation across the country, mainly as an implicit shift from coal to natural gas in the power generation sector.Direct Imports of Russian Natural Gas (% of total imports) by EU Country, 2020


While the EU has yet to target Russian natural gas in its waves of sanctions, the bloc has recently agreed to an embargo on Russian crude oil imports that will take effect by the end of 2022. The ban aims to halt 90% of imports by the end of the year, but to achieve required consensus the ban notably provided carveouts to Hungary, Slovakia, and the Czech Republic. Bulgaria was also given an exemption which will last until the end of 2024. 

All four countries have an entrenched reliance on Russian exports of oil and natural gas, which is why they originally resisted the EU ban, citing severe economic consequences. Exemptions for these four countries comprise the remaining 10% of imports not covered by the ban. Moreover, the effort revealed divisions within the bloc on the issue of Russian sanctions, which could be exacerbated were Russian natural gas to be targeted next.

Perhaps the most significant progress in weaning off Russian gas can be seen in the Baltic States. Lithuania became the first European country to stop using Russian gas entirely. Although heavily dependent upon Russian gas, Latvia moved to end its reliance by the end of 2022, and Estonia’s government has likewise motioned to stop imports by the end of 2022.

Natural Gas-Intensive Industries at Risk of Disruptions

Several highly energy-intensive manufacturing sectors rely predominantly upon natural gas as the main energy carrier and thus particularly are exposed to inflated production costs in times of constrained supply. Those increased costs could serve as financial barriers to operations. 

High energy-intensive sectors relying on natural gas include:

  • Manufacture of clay building materials
  • Manufacture of pulp, paper, and paperboard
  • Manufacture of glass and glass products
  • Manufacture of basic iron and steel and of ferro-alloys
  • Manufacture of man-made fibers
  • Manufacture of refractory products
  • Manufacture of basic chemicals, fertilizers and nitrogen compounds, plastics, and synthetic rubber in primary forms (In 2016, nitrogen fertilizer plants were the most natural gas intensive plants)
  • Manufacture of abrasive products and non-metallic mineral products n.e.c.
  • Manufacture of other porcelain and ceramic products

A recent report published by the Interos Business Analyst Team already identified that within German industry, chemical manufacturers, in particular, would be vulnerable to constrained supplies of natural gas in the event of further cutoffs affecting the country. German industry is already bracing for gas rationing as government policies have given priority to households in the event of constricted supply.

Other countries that could be vulnerable to disruptions in the event of constrained supplies of Russia natural gas exports include:


In 2020, Austrian industries accounted for 41% of natural gas consumption, up from 36% in 2010, with power plants accounting for 26%. With a current 80% reliance on Russia for natural gas, Austrian industries would be devastated if taps were to be shut off abruptly. The Austrian paper milling industry in particular is dependent on natural gas for 35% of energy needs, which, if disrupted, would also have negative supply chain effects for paper-based hygiene products. Thus far, the Austrian company OMV has complied with Gazprom’s new payment scheme to avoid flow disruptions to Europe’s gas supply.


In 2019, Romanian industries accounted for 36.1% of natural gas consumption. The following year, Romania’s top exports were vehicle parts, cars, insulated wire, electrical control boards, and rubber tires, which could be undermined with constrained gas supply. Romania’s energy minister, Virgil Popescu, stated that the Romanian state does not have direct contracts with Gazprom, but rather natural gas is supplied to the country by intermediaries who bring in Russian gas.

Concluding Remarks on Russia’s Natural Gas Exports

LNG alternatives will be crucial in achieving the bloc’s goal of weaning off reliance on Russian natural gas. Europe has been the top export destination for American LNG for the past several months amid Russia’s invasion of Ukraine. However, American LNG exports will not completely replace Russian gas, and ramping up LNG production and exports comes amid pushback from those citing climate concerns that could deviate the current administration from its stated goals.

To provide insights amidst an environment of uncertainty, the Resilience Analytics portion of the Interos Resilience platform can highlight suppliers that are vulnerable to a Russian energy shutoff. This portion of the platform is linked directly with our data lake and allows users to filter their three-tier ecosystem by entity name, location, industry, or risk scores. Using these filters, platform users can identify which suppliers are direct or indirect Russian energy consumers. Once these connections are found, the data can be exported as an image, .pdf, or raw data extracted to be analyzed and viewed outside the Resilience platform. To learn more about Interos, visit interos.ai.

The CISA Supply Chain Warning: How to Prepare

By Stuart Phillips & Geraint John

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has urged government and commercial organizations to patch vulnerable software and IT systems more rapidly in response to a flurry of malicious attacks against the cyber supply chain.

Last week, CISA issued an emergency directive requiring all federal civilian agencies using VMware’s Workspace ONE Access and other products to either patch or disconnect these systems by 5 p.m. ET this past Monday.

Separately, CISA also warned that hackers were actively targeting unpatched versions of F5 Network’s BIG-IP systems used to manage network traffic.

These new alerts join several others issued in recent weeks regarding cyber supply chain risks.

Earlier this month, CISA and other national cybersecurity agencies warned that managed service providers and their customers were at a heightened risk of attack. In late February, CISA issued a wide-ranging “Shields Up” advisory in the wake of Russia’s invasion of Ukraine, warning that malicious cyber activity was likely to increase.

VMware and F5 upstream supply chain attack vulnerabilities exposed

Commenting on one of these vulnerabilities, CVE 2022-22954, cybersecurity firm Mandiant said: “An attacker could exploit this vulnerability to perform a server-side template injection… An attacker would need to send a specially crafted request to the vulnerable system. A failed attempt at exploitation could potentially cause a crash of the application, resulting in a denial-of-service condition.” 

On April 13, VMware confirmed the exploitation of this vulnerability in the wild. On April 25, The Hacker News reported that a threat actor known as “Rocket Kitten” actively exploited this vulnerability to deploy the Core Impact penetration testing tool on vulnerable systems. 

Mandiant Threat Intelligence wrote that they consider this “a high-risk exposure due to the potential for arbitrary code execution with no user interaction required.”

VMware issued patches for this and other vulnerabilities in April and released additional fixes last week. CISA’s emergency directive suggests that many organizations have not quickly updated their systems.

And it’s not just government agencies that are at risk from these supply chain risks. 

“We also strongly urge every organization – large and small – to follow the federal government’s lead and take similar steps to safeguard their networks,” CISA said late last week.

CISA supply chain warnings reflects vulnerabilities deep in the cyber supply chain

There are many reasons why organizations fail to update their software and hardware fast enough, but budget and staffing shortages are primary.

Proactive Chief Information Security Officers (CISOs) can quickly discover if they have an installed vendor with security issues and schedule patches or updates to mitigate the problems. 

The real challenge is knowing whether their cyber supply chains have critical suppliers or partners using compromised systems and then taking steps to address those vulnerabilities. 

An analysis of Interos’ global relationship mapping platform data reveals the scale of the challenge: 

  • 1,239 companies were identified using VMware’s Workspace ONE Access or F5’s BIG-IP products.
  • 88 of these companies use both vendors.
  • Of the top five direct buyers, more than half (58%) were U.S.-based and more than one-quarter (29%) were in the IT software and services sector.
  • The U.K., Canada, Australia, and India are also home to major direct buyers, with banks, consumer services firms, and healthcare providers.

Looking further upstream into the extended cyber supply chain:

  • The 1,239 companies using the affected VMware and F5 products directly supply more than 98,000 customers in the U.S., U.K, Germany, Canada, and other countries.
  • These 98,000-plus firms, in turn, do business with more than 600,000 firms at Tier 2. 

Mandiant’s 2022 M-Trends report, published last month, found that supply chain intrusions were the second most prevalent form of attack in 2021.

Almost one-fifth (17%) of intrusions involved a supply chain compromise – up from just 1% in 2020. The vast majority of these attacks were related to the SolarWinds breach

Last week, cybersecurity firm SentinelOne published an analysis of a new supply chain malware attack against the Rust development community.

CISOs must monitor supply chain risks

Predicting the next supply chain cyber-attack or disruption is a dark art. However, being aware of all your suppliers and their connections may give you a better chance to understand weaknesses in your cyber supply chain and mitigate risks. 

Gone are the days when sending a survey to a supplier every two years and asking only about cyber risk was a practical approach. 

The best CISOs actively contribute to operational resilience by continuously monitoring their entire supply chains for multiple types of threats – including vendor financial weakness – using a risk mapping and scoring solution such as the one developed by Interos. 

To learn more about Interos, visit Interos.ai

Redesigning Global Supply Chains to Build Greater Resilience

By Geraint John and Margaret D’Annunzio

The ongoing litany of supply chain disruptions is prompting many organizations to redesign their global supply networks to build resilience. New research published this week by Interos found that almost two-thirds (64%) of executives said their organizations planned to make “wholesale changes” to their supply chain footprints.

And it’s not only business leaders that are focusing on the need for greater supply chain resilience.

Heavyweight economic and political institutions are also weighing in on the issue and proposing a variety of (sometimes conflicting) solutions – as evidenced by two recent reports from the International Monetary Fund (IMF) and the U.S. government.

The latter’s “Economic Report of the President,” (Economic Report) published in April, devotes an entire chapter to “building resilient supply chains.”

This portion of the Economic Report robustly analyses the evolution of modern supply chains and discusses some of the failures associated with firms’ and countries’ increased reliance on outsourcing and offshoring.

The Economic Report suggests that some of main reasons for supply chain globalization since the early 1990s are: Greater access to foreign suppliers through IT advances and lower trade barriers; government subsidies for key manufacturing sectors; and short-term financial incentives for top executives.

It argues that although COVID-19 exacerbated supply chain risks and made them more obvious, the pandemic did not create the majority of vulnerabilities, nor will its end abate them.

“Because of outsourcing, offshoring, and insufficient investment in resilience, many supply chains have become complex and fragile,” the report notes.

Shining a Light on Concentration Risk

Interos’ own research found that concentration risk is of particular concern to senior supply chain executives. Almost 9 out of 10 of the 1,500 procurement, IT and IT security professionals surveyed by Interos in the first quarter of 2022 agreed they had too many suppliers located in one area of the world.

Concentration is a Big Concern

“My organization has too many suppliers concentrated in one area of the world and this is of concern to us”

n=1,500; Source: Resilience 2022: The Interos Annual Global Supply Chain Report 

The White House report cites several examples of highly concentrated supply chains:

  • Taiwan (and its dominant manufacturer Taiwan Semiconductor Mfg. Co. [TSMC]) produce 92% of the world’s supply of advanced semiconductors
  • China manufactures 73% of lithium-ion batteries and has a 97% global market share of ingots and wafers used to make solar panels
  • China also has a dominant position in the battery raw materials: lithium and cobalt, of which it refines 60% and 80% of global supply, respectively

Recent analysis of Interos’ global relationship mapping database found that while TSMC, as a contract manufacturer to the semiconductor industry, has a relatively small number of direct customers in the U.S. and Europe (Apple being the largest), its importance at tiers 2 and 3 is enormous.

And a new Interos report on rare-earth elements (REE) – which are also important inputs to computer chips and electric vehicles, among other products – noted that China controls 84% of the global market, with over 100,000 U.S. companies and more than 50,000 European firms having the top 21 Chinese REE suppliers in their extended supply chains.

Will Reshoring Really Bring Resilience?

One potential solution to fragile and concentrated global supply chains that gets plenty of airtime is reshoring production back to “home countries”.

Respondents to Interos’ annual survey said that, on average, they expected to reshore or nearshore around half (51%) of foreign supplier contracts in the next three years.

The White House’s Economic Report argues that “at least some domestic production of critical goods” such as semiconductors and batteries is required – in part for national security reasons.

However, the IMF, in its equally detailed analysis, takes a somewhat different view, noting that, on average, 82% of Western firms’ intermediate inputs are already sourced domestically. It argues that “policy proposals to reduce dependence on foreign suppliers, especially in strategic sectors… may be premature, if not misguided.” Instead, the IMF advocates greater diversification in international sourcing – that is to say, increasing the number of suppliers and locations used.

Interos’ survey findings appear to support this view, with more than 60% of executives saying their organizations plan to increase the number of firms in their supply chains over the next three years, compared with 15% or less that expect to reduce them.

Supplier Diversification is Happening

How the number of companies in organizations’ supply chains will change

n=1,500; Source: Resilience 2022: The Interos Annual Global Supply Chain Report 


Even if managers do successfully make the business case for bringing product manufacturing back onshore, they still face a number of challenges – not the least of which is developing a local supply base.

French sportswear brand Salomon is a case in point. It decided to make its running shoes in a highly automated plant in France after many years operating in Asia, but found it was still reliant on suppliers of soles and other parts in China and Vietnam.

Improving Supply Chain Visibility & Resilience

Despite their differences, the IMF and White House reports do agree on some things. Chief among these, perhaps not surprisingly, is the need for government policy to support companies in their resilience-building efforts.

Interventions include:

  • Improving transportation infrastructure, such as major ports
  • Reducing international trade costs, and in particular non-tariff barriers
  • Convening and coordinating firms to develop standards and find industry-wide solutions
  • Aggregating and disseminating data that help companies better understand their supply chains

On this latter point, both reports emphasize the importance of supply chain visibility.

“Visibility into supply chain relationships is necessary to identify vulnerabilities in supply chains, so that firms can properly plan for disruptive events,” notes the White House report.

Interos’ survey found overwhelming support among executives for technology to solve this problem.

Although less than a fifth said their organizations were already using intelligent, automated solutions to understand interdependencies at multiple tiers, three-quarters expected to have such technology in place within the next 12 months.

To download a copy of Resilience 2022: The Interos Annual Global Supply Chain Report, click here.

Impact of European Dependence on Russian Natural Gas

Ripple effects from the war in Ukraine continue to threaten global stability and expose European dependence on Russian gas. 

Last week, Russia officially halted natural gas exports to Poland and Bulgaria, a major turn of events given Europe dependence on Russian gas. The two countries declined to meet President Vladimir Putin’s mandate that customers pay with rubles held in Russian-owned banks in order to continue receiving Russia natural gas.

This is seemingly a tit-for-tat continuation of ongoing economic warfare. Poland had just extended sanctions on 50 Russian oligarchs and companies, including Gazprom, which informed the countries of the natural gas suspension. 

As the humanitarian catastrophe in Ukraine continues unabated, this is simply the latest example of the second-order effects stemming from Russia’s invasion that will continue to propagate across the globe.

Concerns About Russia and the Natural Gas Pipeline

Russia supplies more than 90% of Bulgaria’s gas needs. Poland is less dependent, having invested in infrastructure in a liquified natural gas (LNG) terminal years ago. Later this year, the “Baltic Pipe” will open, bringing Poland more natural gas from Norway and helping to reduce Europe dependence on Russian gas. 

Russia accounts for 40% of EU natural gas, a dependence that has prompted many European countries to begin weaning off Russian gas to various degrees. In March, the European Commission announced a plan to cut Russia natural gas imports by two-thirds by the end of the year. As European Commission President Ursula von der Leyen explained, “We simply cannot rely on a supplier who explicitly threatens us.”

Russia has thus far only “suspended” gas delivery to Bulgaria and Poland. Still, these initial suspensions have raised the alarm across the region that Russia may continue to make good on its threats. This concern – and dependence – varies significantly across Europe, as Europe dependence on Russian gas is not uniform across the continent. 

Poland and Bulgaria rank sixth and twelfth among European buyers of Russian natural gas. Germany, Turkey, Italy, France, and Austria were the top recipients during the first half of 2021. European allies and those Putin has labeled “unfriendly countries” have prioritized resilience in expectation of future suspensions.

Russia, Europe, Natural Gas, and Resilience

Part of the European Union’s ongoing plans to diversify its natural gas supply chain includes importing from reliable sources, such as strengthening imports from Norway, where it gets 16.4% of its natural gas, and expanding natural gas imports from the U.S. In March, the Biden administration announced that the U.S. would ship an additional 15 billion cubic tons of LNG to Europe through the rest of the year. While questions remain on accomplishing the logistics behind this commitment, it is yet another sign of the deepening unity across Europe, the U.S., and global democracies in light of Russia’s invasion of Ukraine.

This increase in unity will likely be necessary to offset the unintended ripple effects of Russia’s foreshadowed cutoffs. While Bulgaria and Poland are not considered essential global trading partners by many metrics, a closer look at global supply chains reveals more about American and European dependence on Russian gas.

Interos analyzed U.S. and European (EU+UK) reliance on Bulgaria and Poland, mapping connections to those countries. While direct (Tier 1) connections were unsurprisingly low, Tier 2 and Tier 3 connections expanded into the hundreds of thousands.

US & EUR supply chains show surprising sub-tier connections to countries hit by Russia's gas cutoff

For comparison, our analysis of U.S./EU reliance on Russia and Ukraine found that more than 190,000 firms in the U.S. and 109,000 firms in Europe have Russian or Ukrainian suppliers at Tier 3. Many EU and U.S. firms rely on Poland and Bulgaria once accounting for sub-tier supply chains. This suggests that cutting off Russia natural gas may have wider-ranging implications than expected. 

As is true across the broad range of supply chain shocks over the last few years, the challenges are too widespread and complex for any single organization or government to solve on its own. Bulgaria has been in talks with Greece and Turkey to cut its dependence on Russia for LNG, with Greece publicly offering recent support to Bulgaria. While the gas suspension intends to weaken resolve across Europe and its allies, it likely will continue to have the reverse effect. With Germany halting the Nord Stream 2 natural gas pipeline earlier this year and dropping opposition to a Russian oil embargo, this latest gambit by Russia likely will only deepen ties and accelerate efforts to phase out dependence on Russian natural gas and other commodities.

Looking Ahead: Global Ripple Effects

Despite these efforts, there are concerns of stockpiling that could drive up natural gas prices across the globe, prices that are already spiking. In the U.S., natural gas prices hit a 13-year high in April. At the same time, European gas storage hit a five-year low at the end of the winter and continues to rise following Russia’s suspension of Bulgaria and Poland. In preparation for winter demand, energy rationing could also stunt economic growth, persist inflation, and potentially instigate a recession.

Many are forecasting continued volatility in the natural gas market throughout the year, due in part to Europe dependence on Russian gas, and concerns over additional supply chain disruptions continue to grow. 

For instance, a brief analysis of U.S. companies with Tier 1 suppliers in Bulgaria and Poland quickly highlights almost 8,000 companies, which quickly expands to well over 200,000 companies with Tier 3 connections to those countries. 

Those numbers are slightly smaller for European companies, with almost 4,000 companies having Tier 1 connections and about 180,000 with Tier 3. 

Russia’s suspension of natural gas to Bulgaria and Poland has instigated uncertainty within the environmental, social, and governance (ESG) investment market. The U.S. commitment to increase LNG supplies to Europe may come with externalities, including investing in the LNG import and export terminal infrastructure required to export LNG at scale. These LNG investments require capital, which ESG investor groups often deny in favor of clean energy investments. Those priorities may shift to meet this commitment so as to reduce Europe dependence on Russian gas. That said, as part of its decoupling from Russian energy sources, the E.U. could more quickly expand investments in renewable energy to meet its net-zero commitments. 

Finally, suppose the “unfriendly countries” continue to deepen their resolve in support of Ukraine. In that case, Russia not only may extend the natural gas suspensions as part of the ongoing tit-for-tat economic warfare, but the Putin regime may accelerate and expand its hybrid warfare, resulting in the need for improved cyber supply chain risk management. Microsoft’s recent report highlights the malicious cyber activity of six state-linked actors and 237 operations against Ukraine. As NotPetya illustrated, Russia’s targeted activity has a history of spreading into the wild. There also are growing concerns about military expansion beyond Ukraine. Explosions in the Transnistria region heighten fears about violence spilling over into neighboring countries. The instability could also extend to North Africa and the Middle East due to grain shortages – especially wheat – and those regions’ dependence on Ukraine and Russia. They together supply more than a quarter of the world’s wheat.

The suspension of natural gas to Poland and Bulgaria, coupled with the ongoing invasion and other humanitarian crises, is prompting more swift diplomatic action and movement toward energy diversification than has occurred in previous decades. As International Energy Agency Executive Director Fatih Birol explained, “Nobody is under any illusions anymore. Russia’s use of its natural gas resources as an economic and political weapon shows Europe needs to act quickly to be ready to face considerable uncertainty over Russian gas supplies next winter.” 

Click here to download a new Interos white paper that further explores Europe’s dependence on Russian natural gas: Report: Analysis of Russian Natural Gas in Europe – Interos. Then, to learn more about how the Interos platform can help you stay aware of risks, visit interos.ai


CISOs, Supply Chain Security and Risk Management

Managing supply chain security and mitigating attacks has become critical for Chief Information Security Officers (CISOs).

As we outline below, Interos has found three main tasks that CISOs must lead to protect their organizations’ supply chains and improve overall visibility.

Incident Response – Dealing with a supply chain attack

SolarWinds, Kaseya, Log4J, and other supply chain attacks have grabbed the headlines. A CISO must prepare for the next event without knowing its type, motive, or origin. SolarWinds had no cyber warning indicators before its major breach. All the firewalls, agents, policies, and other traditional tools would not have prevented this type of attack since SolarWinds had complete access to the network.

CISOs need to determine if they are at risk when these attacks happen. The traditional method for risk management is to send surveys to all suppliers and third parties. Unfortunately, since most CISOs do not have visibility into their supply chains, they must start from scratch. Hopefully, they have a third-party assessment tool, but often the CISO must get a list of suppliers from procurement. This list usually only includes the first tier of suppliers. While waiting for the surveys to be completed and returned, the organization remains exposed to the threat. This means that the CISO cannot readily confirm to leadership that the threat has been mitigated, often for weeks or months.

The Interos operational resilience platform continually maps, monitors, and models an organization’s extended supply chain. When new attacks happen, Interos alerts customers so they can strategize a reaction to the threat. It takes a few seconds to discover where the affected supplier resides within the supply chain and how it connects to the organization. A CISO using Interos can start mitigation efforts almost immediately, which reduces the time before confidently reporting to the C-Suite that they have resolved the problem.

Proactive Assessment – Auditing the supply chain

An unhealthy supply chain can cause tremendous problems for an organization.

The CISO’s role is to protect the organization and they must understand the health and potential risks of their supply chain. Organizations should not trust a supplier with poor cyber hygiene. They should also look to replace any equipment supplier who has gone bankrupt or out of business. Even if the technology works, the manufacturer can no longer provide updates and patches for future cyber vulnerabilities.

Continually assessing and monitoring the extended supply chain can be difficult or impossible without the proper tools. A CISO can lessen the damage or prevent supply chain attacks if they know where to focus their efforts. However, most are blind to potential problem suppliers.

The Interos operational resilience platform continually assesses and monitors the extended supply chain, integrating six risk factors to come up with a comprehensive score. A CISO can use this information to focus on the worst offenders in each category, getting the best result for their efforts. A CISO can also understand if the suppliers are subject to US, UK, or EU sanctions or restrictions, which may cause business problems. With Interos, the CISO can be proactive and improve their supply chain’s health, reducing incidents and supplier churn in the future.

Supplier Onboarding

Vetting of new suppliers for cyber risk is a task often given to CISOs. There is often pressure on the CISO to complete the assessment quickly if the new supplier is deemed acceptable already by management. Since requests to vet a supplier are random, it is impossible to schedule. Knowing that a new supplier is at a high risk for cyber issues is critical to ensuring a company’s data security.

Getting new supplier information is traditionally done by sending them a survey with questions or asking for the results of a recent SOC audit. Often the surveys take a long time to complete and return. While a security operations center audit is preferable in most cases, it can be costly to conduct.

The Interos operational resilience platform uses public and private data sources combined with one of the largest business relationship data lakes to build a viable picture of an organization in a few minutes. The CISO can enter the company name and create a helpful report without sending and waiting for the return of surveys. The Interos analytics engine can provide insight into the supplier in all six risk categories, location, and other relevant data. This approach can enable a CISO to know within a few minutes if the supplier is bankrupt, doing business in concerning areas, or has connections to questionable organizations. The Interos approach is standardized and repeatable without requiring a high level of supply chain expertise from the cyber analyst.

To see a demonstration of the Interos Operational Resilience platform, please go to https://www.interos.ai/resources/interos-product-overview/