Protecting the Supply Chain, Virtually

Consider the range of potential hazards that keep supply chain managers awake at night: high-seas piracy, natural disasters, thieving gangs, leaky TEUs, misdirected shipments, rising freight costs. Now add one more worry to that list: hackers who steal carbon credits.

As reported recently by the Financial Times Deutschland and Der Spiegel, cyber-thieves have pulled off a heist of companies’ carbon credits. The scheme sounds all too simple, really. The boosters sent e-mails to companies in Europe, Japan, and New Zealand, professing to be from the German Emissions Trading Authority (DEHSt), which is part of the EU’s Emission Trading System. The e-mails urged recipients to click through to a carbon-trading website and reset their passwords. The site was, of course, bogus, and once the hoodwinked parties entered their login credentials, the hackers used them to log in to the real trading system and siphon off carbon credits. Then they sold the credits to what Der Spiegel said were unwitting companies. The gambit has all the hallmarks of a classic phishing scam, but instead of banking information, the con men sought carbon credits.

For U.S. manufacturers that are not yet subject to the carbon regime, let this be a warning. A soon-to-be-published poll in Managing Automation’s March issue shows that most expect carbon regulation to hit home soon. When it does, remember this story.

After all, there’s a simple truth behind the firewall: Our world may be changing from paper to digital, but the people of this new world are not somehow remodeled by the change of venue. Our tendencies toward good or evil remain; we are simply free to act out our proclivities in new ways now.

So watch where you click.