Five Ways to Mitigate Supply Chain Risks in Retail and Manufacturing

August 6, 2025

Recent cyberattacks against widely distributed networks have rattled sectors that previously thought themselves immune from attack. To both manufacturers and retailers, these events underscore the reality that the threat is pervasive across all industry categories.

The technological revolution in supply chain management is introducing new vulnerabilities. According to a 2024 report, 35.5% of all data breaches were caused by third-party compromises, up from 29% the year before.

The cyberattack at United Natural Foods, Inc. (UNFI), a top retail brand and the primary distributor for Amazon-owned Whole Foods, threw the latter’s business into chaos. UNFI, which supplies more than 30,000 stores, identified unauthorized activity on its computer network on June 5, 2025, prompting it to take certain systems offline. The attack severely hampered UNFI’s ability to ship and deliver orders, leaving Whole Foods short of stock.

The manufacturing sector also faced a serious blow from a March ransomware attack against Sensata Technologies, a top manufacturer of sensors and other electrical components used by the auto and aerospace industries. The attack resulted in the exfiltration of sensitive employee personal information, including Social Security numbers and financial and medical data, and disrupted the company’s shipping, production and other operations.

Both of these attacks serve to underline that, whether by means of a single hacked supplier or coordinated cyberattack, supply chain vulnerabilities can have a ripple effect on retail networks and manufacturing operations. A volatile geopolitical environment, coupled with sophisticated cyber threats, underscores the need for a sound, five-step supplier risk-mitigation strategy.

Auditing supplier inventories. Businesses, especially in retail and manufacturing, must have up‑to‑date records of every supplier’s scope of work, product types and locations. When retailers depend on intricate networks to deliver consumer products, or manufacturers rely on precise parts and components for assembly, the discovery of any weak link is critical. When every link is clearly mapped out, a vulnerability or gap in the chain becomes immediately visible.

Taking the Whole Foods and Sensata attacks as examples, an undetected breach of one supplier’s network could quickly escalate into widespread disruption on production lines and store shelves. Running an inventory audit reduces risk and ensures the organization is prepared to detect and neutralize threats before they spiral out of control.

Updating supply chain information risk assessments. Risk is an ever-evolving metric. Shifts in geopolitical climates and international trade tensions can rapidly alter risk profiles. Organizations must refresh their risk assessments to include additional data points, such as location-based risk, supplier maturity and changing threat patterns. This involves discovering and categorizing suppliers by criticality, evaluating new entrants to the supply chain, and re-evaluating relationships that have faded or ended.

By documenting suppliers in a granular way, organizations can identify new risk metrics, such as regional instabilities, or recently acquired suppliers whose risk postures have not been fully vetted.

Managing high-risk suppliers. This is especially vital in retail chains, where customer-facing systems depend on a strong and secure supply chain, and in manufacturing, where production efficiency is closely linked to that of suppliers.

Organizations need to make sure that contact details for major suppliers are regularly updated and that strong evaluation questionnaires, with strict cybersecurity clauses, are in place. Continuous monitoring techniques, such as automated checking of SSL certificates and non‑intrusive surface scanning, are invaluable. These measures help identify potential weaknesses before they can be exploited.
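An added example, not part of the original article: one way to automate the certificate check described above, with the warning window tied to the criticality recorded in the supplier inventory. The supplier names, hostnames, thresholds and certificate fields are constructed for illustration.

```python
import socket
import ssl
from datetime import datetime, timezone

# Assumed policy: flag a certificate when fewer than this many days of validity
# remain; suppliers the inventory marks as critical get the longer lead time.
WARN_DAYS = {"critical": 45, "standard": 21}

def fetch_cert(host, port=443, timeout=5.0):
    """One ordinary TLS handshake. Returns the validated leaf certificate, or
    None when validation fails (expired, untrusted issuer, wrong hostname)."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return tls.getpeercert()
    except ssl.SSLCertVerificationError:
        return None

def assess(supplier, cert, now):
    """Classify one supplier endpoint from a getpeercert()-style dict."""
    finding = {"supplier": supplier["name"], "host": supplier["host"]}
    if cert is None:
        return {**finding, "days_left": None, "status": "unverifiable"}
    expires = datetime.fromtimestamp(
        ssl.cert_time_to_seconds(cert["notAfter"]), tz=timezone.utc)
    days_left = (expires - now).days
    limit = WARN_DAYS[supplier["criticality"]]
    status = "expiring" if days_left < limit else "ok"
    return {**finding, "days_left": days_left, "status": status}

def review(inventory, certs, now):
    """Assess every supplier and list the findings that need follow-up first."""
    rank = {"unverifiable": 0, "expiring": 1, "ok": 2}
    findings = [assess(s, certs.get(s["host"]), now) for s in inventory]
    return sorted(findings, key=lambda f: rank[f["status"]])

# Constructed sample data: hypothetical suppliers and certificate fields.
INVENTORY = [
    {"name": "Logistics Co", "host": "logistics.example", "criticality": "standard"},
    {"name": "Sensor Parts", "host": "parts.example", "criticality": "critical"},
    {"name": "Packaging Ltd", "host": "packaging.example", "criticality": "standard"},
]
SAMPLE_CERTS = {
    "logistics.example": {"notAfter": "Sep 10 00:00:00 2025 GMT"},
    "parts.example": {"notAfter": "Sep 10 00:00:00 2025 GMT"},
    "packaging.example": None,  # handshake failed certificate validation
}
NOW = datetime(2025, 8, 6, tzinfo=timezone.utc)
```

Against live endpoints, build the certificate map with `{s["host"]: fetch_cert(s["host"]) for s in INVENTORY}` and pass `datetime.now(timezone.utc)` as `now`. The same expiry date is acceptable for the standard supplier but flagged for the critical one.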

Terminating supplier relationships securely. When a supplier’s service is no longer needed, or a supplier poses a heightened risk, the termination process must ensure that all digital and physical access is revoked. Data associated with terminated relationships must be securely deleted using advanced techniques such as cryptographic erasure. By following these protocols, organizations can prevent any leftover access from being exploited as an entry point for future cyberattacks.

Testing the incident response plan through simulations. Developing detailed scenarios, conducting tabletop exercises, and workshopping potential cyber incidents is a critical step in identifying vulnerabilities in your incident response plan, and testing its readiness against cyberattacks. The time invested in practicing these steps can dramatically limit the impact should an incident occur.

The supply chain security landscape is evolving at a rapid rate, and no organization can afford to remain slack. When a single vulnerability has the capacity to create multiple points of disruption, making supply chain security a priority is not just a defensive strategy, but a competitive one. By applying the above lessons to daily operations, companies can develop resilience in their supply chains against advanced cyber threats.

Steve Durbin is chief executive of the Information Security Forum.
