Business recovers steadily after November's ransomware incident at Blue Yonder
In the wake of a ransomware attack on supply chain technology company Blue Yonder, which occurred on November 21, several major companies have faced operational disruptions. Among them are Starbucks and Morrisons, a U.K. supermarket chain with about 500 stores.
Morrisons experienced an outage in its warehouse management systems for fresh food and produce, causing some products to remain unavailable. However, the company is making good progress and its backup system is working well, ensuring a speedy recovery.
Starbucks, on the other hand, experienced an impact on an internal platform used to track hours worked by employees. The company reverted to manual processes to ensure workers were paid during the disruption.
Blue Yonder, based in Arizona, is actively working with other impacted customers to return them to normal business operations. It's worth noting that DHL, another large customer of Blue Yonder, was not directly impacted by the attack.
The ransomware attack impacted Blue Yonder's managed services hosted environment, causing operational disruptions for the affected companies. Blue Yonder has not commented on details of the attack, except for stating that there was no impact on its Azure public cloud environment.
The incident serves as a reminder of the growing threat posed by supply chain attacks, as stated by Peter Mackenzie, director of incident response at Sophos. Such attacks can cause pressure on customers who rely on these vendors.
In response to this growing threat, the National Retail Federation (NRF), in collaboration with The Chertoff Group, has developed a retail supply chain cybersecurity risk management guide. While the guide does not specify a "holiday season" guide, it emphasizes a cybersecurity and fraud prevention focus area.
The guide encourages retailers to develop a comprehensive risk management plan for the retail supply chain, with a focus on cybersecurity threats. It also recommends integrating asset protection strategies to safeguard both physical and digital assets during peak shopping seasons when threat levels increase.
Moreover, the guide advises retailers to recognise and respond to evolving threats such as fraud, cargo theft, and cyber-attacks, which can disrupt logistics and damage business reputation.
The NRF's guide comes at a crucial time as retailers prepare for the holiday season, a period of increased supply chain activity. In 2024, 45% of retail organizations were hit by ransomware, primarily due to exploited vulnerabilities.
The NRF's efforts underscore the importance of managing third-party risk, a challenge that organisations are working to address, particularly in a complex cybersecurity landscape, as emphasised by Danielle Inman, senior director of media relations at the National Retail Federation.
As the retail industry braces for the holiday season, the Blue Yonder attack serves as a stark reminder of the need for robust supply chain cybersecurity measures. By adhering to guidelines such as those provided by the NRF, retailers can better protect their inventory and ensure a smooth holiday shopping season for their customers.
- The ransomware attack on Blue Yonder, a supply chain technology company, has highlighted the increasing threat of supply chain attacks, as noted by Peter Mackenzie, director of incident response at Sophos.
- In response to this growing threat, the National Retail Federation (NRF) has developed a retail supply chain cybersecurity risk management guide, emphasizing a focus on cybersecurity threats and integrating asset protection strategies.
- Retailers are encouraged to develop a comprehensive risk management plan for the retail supply chain, focusing on safeguarding both physical and digital assets during peak shopping seasons, when threat levels increase.
- With 45% of retail organizations hit by ransomware in 2024, largely due to exploited vulnerabilities, the NRF's guide underscores the importance of managing third-party risk, a challenge that organizations are working to address in a complex cybersecurity landscape.
