Third-party logistics supply chain assessment

Reversec

Overview

We were initially engaged to perform an ICS security assessment of a multinational tire manufacturer’s warehouse chain. During the assessment, we identified direct connections to the wider third-party logistics (3PL) supply chain, including access to provider operator systems and internal networks.

 

Company

Multinational tire manufacturer

Industry

Manufacturing

Solution

We identified several viable attack paths that could allow an attacker to take control of the company’s global operations.

One path involved exploiting security gaps in the organization’s Citrix environment and using access to 3PL operator infrastructure to pivot through weaker security controls in the supply chain, returning to the manufacturer’s network with elevated privileges.

Another path focused on the use of 3PL warehouse employee credentials. These users had been assigned high-privilege Active Directory accounts on the parent network, along with direct access to the manufacturer’s environment through Citrix.

We also observed that corporate firewalls were being bypassed to support operational efficiency, such as retrieving production data on batches.

Outcome

We recommended changes to limit the impact of a potential compromise in the supply chain. This included revising the Active Directory configuration and separating internal and third-party users into distinct forests to reduce the level of access available if a partner account were compromised.

We also advised restructuring the network and placing Citrix in a separate segment to prevent attackers from moving into the wider corporate environment.

In addition, we recommended introducing an extra firewall layer between vendor connections to reduce opportunities for pivoting back into the manufacturer’s environment.

Following the engagement, the client carried out a full review of its third-party logistics suppliers and introduced cybersecurity standards and auditing requirements for third parties.

Used services

Security Assurance Testing

Optimize the security testing and development of your assets according to your business goals, risk profile, and the real-world threats targeting your organization.

Security Assurance Testing

Resilience Development

Build your immune system and withstand a cyber incident; assess risk by testing your controls against likely threats, and improve the skills of your security operations team.

Resilience development

Our accreditations and certificates

NCSC
CREST
National Cyber Security Centre
PCI QSA
DNV
NCSC CREST National Cyber Security Centre PCI QSA DNV NCSC CREST National Cyber Security Centre PCI QSA DNV

Don’t be a stranger, let’s get in touch.

Our team of dedicated experts can help guide you in finding the right
solution for your unique issues. Complete the form and we are happy to
reach out as soon as possible to discuss more.

This site is protected by reCAPTCHA and the Google
Privacy Policy and Terms of Service apply.