SCMAP Perspective is our fortnightly column on PortCalls, tackling the latest developments in the supply chain industry, as well as updates from within SCMAP. On this column, Henrik Batallones looks at how recent ransomware attacks affecting many industries around the world serve as a wake up call for the supply chain industry.
Connected, disrupted
Many, if not all, things in our lives revolve around technology. For instance, I’m writing this column on a computer. The sentence I just thought of does not quite work, so I hit backspace several times and replace it. You could not quite do that with a typewriter, unless you’re okay with spending time applying liquid corrector and blowing on it to dry. And with the advent of cloud technology, I can edit this column anywhere, even if I don’t have my laptop with me.
It’s this boom in technology in recent decades that has allowed to the rise of supply chain as an important element in doing business. As our reach grows wider – suppliers, distributors and customers are no longer limited to your local area – we rely on technology to help us keep track of every moving element of our supply chain. We also rely on technology to make understand what’s happening quicker, and to make decisions quicker. Also, technology has allowed the growth of complex supply chains that are responsive to local needs, and can serve even the most specialized of needs.
Technology has made many things possible, and it doesn’t matter whether it’s good or bad. Recent events seem to highlight the latter. You have talk of elections being hacked from outside a country’s borders to influence its results. You have talk of “fake news” spreading on social media and disrupting civil discourse. You have, in recent days, ransomware attacks disrupting industries across the world.
Viruses infecting computers aren’t a new thing. Viruses infecting networks aren’t a new thing, either. But the scale of recent attacks – WannaCry affecting medical and manufacturing services in Europe; Petya spearing even wider and also impacting the energy, manufacturing and shipping industries across the world – illustrates how one vulnerability in one dot in a global network can bring down an entire company, disrupting its processes, potentially disappointing its customers, and leading to high costs in the short and medium term.
Imagine the impact on your supply chain. Many parts of the chain are now aided by technology, from supplier management, to production planning and analytics, to storage systems and distribution tracking. When just one of these aspects are hit, the disruption can be massive and costly. It’s one thing if it’s caused by an error you can trace to within your organization. It’s another if it’s from the outside, and if solutions are hard to find, if not impossible. WannaCry was only stopped when a programmer accidentally found the kill switch – and while that prevented the malware’s further spread, it did not immediately provide an answer for recovering data that was locked into infected computers. Unless they were willing to pay the hackers, that is.
Supply chains utilizing more and more technology to increase efficiencies and serve customers (and the bottom line) better is the norm. However, these incidents should remind us to ensure that our networks are safe from any such attacks, and are resilient if ever something goes wrong. Constant back-ups, duplicate systems, regular updating of softwares as vulnerabilities are found… and the good old “don’t just open any attachment in your email” advice.
Here’s another thought: maybe we should invest more in technology literacy for everyone. Vigilance is important in prevent disruptions caused by vulnerabilities in technology, and vigilance goes hand in hand with knowledge. When one knows what to avoid, one can help everyone. And perhaps one can have the solution when something does go wrong. Some children these days are being taught how to code in schools – perhaps they’ll grow up to become programmers who can scan and patch vulnerabilities in even more complex supply chain networks in real time. Perhaps soon.