Bombardier’s supply chain attack, Accellion’s latest victim
It’s beginning to feel like groundhog day. Another day, another cyberattack, or so it feels. Although the breach was said to have affected ‘less than 50 customers,’ and within 72 hours Accellion had fixed the zero-day vulnerability, two weeks after disclosure, the impacts are still being felt.
Canadian plane maker Bombardier confirmed yesterday that it had suffered a “limited” security breach.
“Forensic analysis revealed that personal and other confidential information relating to employees, customers and suppliers was compromised,” the firm said in a statement. “Approximately 130 employees located in Costa Rica were impacted. Bombardier has been proactively contacting customers and other external stakeholders whose data was potentially compromised.
“The ongoing investigation indicates that the unauthorised access was limited solely to data stored on the specific servers. Manufacturing and customer support operations have not been impacted or interrupted.
“Bombardier can also confirm the company was not specifically targeted – the vulnerability impacted multiple organisations using the application. Bombardier will continue to assess the situation and stay in close contact with its clients, suppliers and employees, as well as other stakeholders.”
“Accellion has patched all known FTA vulnerabilities exploited by the threat actors and has added new monitoring and alerting capabilities to flag anomalies associated with these attack vectors,” confirmed Accellion in a press release.
Accellion said it had identified two distinct groups of affected FTA users. Out of 300 clients, less than 100 were attack victimes and fewer than 25 are known to have suffered any data loss. Reserve Bank of New Zealan, Singaporean telco Singtel and law firm Jones Day are among those to have had data stolen by the same group said to be responsible for the Accellion attack.
“The fallout from the Accellion-centered breach continues, purportedly this time with Bombardier. The takeaways should be pretty clear to people keeping score. Always keep software up-to-date or replace it with next-generation software that’s supported by the vendor,” said Trevor Morgan, product manager with data security specialists comforte AG in a statement.
IHS Markit/CIPS: UK Manufacturing PMI near-record high
UK manufacturing trends
For the UK manufacturing sector, growth of output and new orders were both reported by IHS Markit and CIPS as among the best seen over the past seven years, which in turn has led to a strong increase in employment. Despite this, the sector continues to face supply chain delays and input shortages, which resulted in increased purchasing costs and record selling price inflation.
UK Manufacturing IHS Markit/CIPS Purchasing Managers’ Index® (PMI®)
Seasonally adjusted, IHS Markit/CIPS Purchasing Managers’ Index® (PMI®) rose to 60.9 in April, which was an increase compared to March (58.9) and above the estimated 60.7 for April.
Increasing for the eleventh consecutive month, the latest readings are the highest since July 1994 (61.0). The output growth for April has been attributed to the loosening of lockdown restrictions, improving demands and a rise in backlogged work.
“The manufacturing sector was flooded with optimism in April as the PMI rose to its highest level since July 1994, bolstered by strong levels of new orders and the end of lockdown restrictions opened the gates to business. It was primarily the home market that fuelled this upsurge in activity though more work from the US, Europe and China demonstrated there were also improvements in the global economy. This boom largely benefited corporates as output growth at small-scale producers continued to lag behind,” said Duncan Brock, Group Director at the Chartered Institute of Procurement & Supply.
In addition to expanding production, total new orders rose for its third consecutive month, which was attributed to a revival of domestic market conditions, stronger client confidence, parts of the economy reopening and improving global market conditions.
While new exports rose in April, the rate was reported as weaker in comparison to new orders. “Companies reported improved new work intakes from several trading partners, including mainland Europe, the US, China and South-East Asia. Large-sized manufacturers saw a substantial expansion in new export order intakes, compared to only a marginal rise at small-sized firms,” said IHS Markit/CIPS.
UK Manufacturing’s outlook
Remaining positive at the start of the second quarter, 66% of companies forecast that output will be higher in a year's time, which is attributed to expectations for less disruption related to COVID-19 and Brexit, economic recovery, improved client confidence and new product launches.
“Further loosening of COVID-19 restrictions at home and abroad led to another marked growth spurt at UK factories. The headline PMI rose to a near 27-year high, as output and new orders expanded at increased rates. The outlook for the sector is also increasingly positive, with two-thirds of manufacturers expecting output to be higher in one year’s time. Export growth remains relatively subdued, however, as small manufacturers struggle to export,” said Rob Dobson, Director at IHS Markit.
Adding to comments from IHS Markit and CIPS, , Managing Director of Freight and Logistics at Accenture Global said: “While today’s figures are positive overall, the worsening supply situation is still a concern, with rates of both input costs and selling price inflation running far above anything previously seen. Shipping delays and material shortages are driving huge backlogs of uncompleted work and the surge in manufacturing orders is leading to many firms struggling to boost operating capacity to keep up with demand. With business expectations becoming even more optimistic as the economy rebounds, the big question will be whether firms will be able to cope with the surging inflows of new orders.
“As ongoing supply chain issues are still at large, companies with wide international footprints should look to reassess their logistics strategies by running supply chain stress tests and simulations in order to respond quickly to upswings and variability in demand. A flexible and resilient supply chain will be a key way for businesses to remain both competitive and stable as we emerge from the pandemic”