State of Supply Chain Security: Roundup of the Big Hits

In today's increasingly complex and interconnected supply chains, a single weak link can impact a global network, making cybersecurity crucial.

Global networks face mounting exposure to third-party vendor compromise, software supply chain attacks, data theft and operational shutdowns.

Technology implementation expands attack surfaces across organisations that depend on interconnected systems and multiple external partners.

In this connected ecosystem, a breach in one corner of the network can cascade through entire operations.

Therefore, cybersecurity leaders need to implement thorough risk prevention methods to protect business continuity.

The Maersk NotPetya incident

In 2017, Maersk was hit by a NotPetya attack.

It started out as a nation-state cyberattack targeting Ukraine, before spreading across companies through unpatched vulnerabilities.

The virus spread through the global network via a compromised update for M.E.Doc.

More than 600 global offices were impacted and 76 terminals across global ports were shut down.

In excess of 45,000 PCs and 4,000 servers were infected. Devices were locked and cryptocurrency was demanded, creating an estimated financial impact of US$300m.

Maersk switched swiftly to a manual paper-driven process model instead of relying on digital infrastructure. This vital step enabled it to restore approximately 80% of functionality while systems were being restored and made safe.

This attack demonstrated the need for patch management, business continuity planning and multi-factor authentication.

It shows that businesses that have implemented stronger visibility and scenario planning are much better equipped to avoid or adapt to conflict.

By having continuity planning and other predictive capabilities, businesses can have plans in place for when disruptive events do take place.

Maersk now has a dedicated cyber security policy in place.

It states: "Maersk is reliant on the safe operation of technology and its profitability is increasingly dependent on digital solutions. The management of cyber risk, through controls to prevent risks coming to bear and mitigations if they do, is fundamental to the continued operation of the company and the delivery of its strategy.

"Within Maersk, the purpose of cyber security is to control and mitigate risks arising from interconnected systems, information, applications, technology infrastructure and operational environments."

2025 attack wave impacts

2025 was a big year for cybercriminals, with many prolific incidents taking place.

Several organisations across the UK's grocery supply chains, including the Co-op, Peter Green Chilled and Marks & Spencer, were targeted by hackers.

Attacks caused a six-week digital disruption for Marks & Spencer in April.

This resulted in no home delivery orders or click-and-collect. The company saw approximately £300m (US$394m) in revenue losses as a result of the attack.

NFU Mutual says that three in five retailers (63%) experience cyber crime.

The IO State of Information Security Report reveals that 97% of UK and US cyber leaders believe they are prepared for a breach.

Yet data shows that 61% experience a third-party or supply chain attack in the space of 12 months.

These attacks cause system outages and operational disruption as well as losses in partner trust.

In September 2025, global manufacturer JLR was left reeling from a cyber attack that halted production across key sites in Solihull, Halewood and Wolverhampton as the company scrambled to recover its systems.

Thousands of factory staff were ordered to stay home and customers were left waiting for deliveries of their vehicles.

JLR operates on a just-in-time manufacturing system, which means that thousands of components arrive on tight schedules. Suppliers who depend on JLR's systems were majorly impacted amid the disruption.

Defence strategies for complex networks

Modern supply chains are more complex than ever and are made up of suppliers, logistics providers, software vendors, cloud platforms, manufacturers and contractors.

More technology means more opportunity for attacks but it also creates greater visibility and risk prevention methods.

Muhammad Yahya Patel, Virtual CISO and Cybersecurity Advisor for EMEA at Huntress, explains: "AI is growing the attack surface faster than most organisations can track.

"When three in four businesses exploring AI have no security framework around it, you're building on an unstable foundation."

This proves that supply chains around the world need to prepare for risk through asset visibility, dependency tracking, continuous compliance monitoring, software security and ransomware defence.

Vendor and third-party risk management is essential, with businesses conducting security reviews before the contract gets signed.

With such risk assessments in place, security can be continuously monitored.

To protect the business, it is vital that cybersecurity is embedded across the ecosystem.

With intensifying modern cyber risks, it is no longer enough to protect just the perimeter.