Companies have been rushing to introduce supply chain management (SCM)systems for effective SCM and other benefits. However, there are a number of cyber threats in SCM systems. The main purpose of this study is to define the concept of cyber threat, examine general types of cyber threats, identify possible cyber threats to the supply chain, and suggest practical solutions. All procedures are based on a review of the available literature.
The most common cyber threats to SCM systems are explored in this study: inference attacks, password sniffing/cracking software, spoofing attacks, denial of service attacks (DoS), and direct attacks. Until now, many enterprises have typically placed more emphasis on aspects of different technologies. Companies should concentrate on the development of innovative security technologies and investment in human resources such as standardized screening/employment processes, continuous education systems, efficient reward systems, and autonomous communication channels about security issues. In order to deal effectively with these procedures for improving organization security, the role of senior management in both the organization and government agencies is essential.

1 Kay,E, "What’s the Next Step for RFID" Frontline Solutions 21-25, 2003

2 SearchSecutiry.com Definitions, "What is cyberwarfare?"

3 SAMATE, "Web Application Vulnerability Scanners"

4 Elkin, D., "Way to GuardAgainst Disruption" 9 (9): 46-53, 2004

5 Insecure. Org, "Top 10 Password Crackers"

6 Aviv,Y, "The effect of Collaborative Forecasting on Supply Chain Performance" 47 (47): 1326-1343, 2001

7 Littman,J, "The Watchman: The Twisted Life and Crimes of Serial Hacker KevinPoulsen" Little, Brown & Company 1997

8 Penrose,E.T, "The Theory of the Growth of the Firm" Oxford University Press 1959

9 Sheffi,Y, "The Resilient Enterprise" MIT Press, Cambridge: MA 2005

10 Zheng, S., "The New Spectrum of the Cross-enterprise Solution:The Integration of Supply Chain Management and Enterprise Resources PlanningSystems" 41 (41): 84-93, 2000

11 Coyle, J. J., "The Management of Business Logistics:A Supply Chain Perspective, 7th Edition" Ohio 2003

12 Helfat, C. E, "The Dynamic Resources-Based View" 24 (24): 997-1010, 2003

13 Petrick, I. J, "Technology Choice and Pooled Investment AmongNetworkers: Supply Chain Roadmaps" 2002

14 Martha, J, "Targeting a Just-in-Case Supply Chain for theInevitable Next Disaster" 6 (6): 56-66, 2002

15 Finch,P, "Supply chain risk management" 9 (9): 183-196, 2004

16 Tan, K. C., "Supply chain management: a strategicperspective" 22 (22): 614-631, 2002

17 Autry, C, "Supply Chain Security: A Dynamic Capabilities Approach" 124 (124): 307-329, 2009

18 Lee, H. L, "Supply Chain Security Without Tears" 7 (7): 12-20, 2003

19 Cachon, G. P, "Supply Chain Inventory Management and the Valueof Shared Information" 46 (46): 1032-1048, 2000

20 DIST (Department of Industry, Science and Tourism), "Stats Electronic Commerce inAustralia" Commonwealth of Australia, Canberra 1998

21 Anderson, J, "Security in the Information System Curriculum:Identification & Status of Relevant Issues" 42 (42): 16-24, 2002

22 Weis, S. A., "Security and PrivacyAspects of Low-cost Radio Frequency identification Systems, Security in PervasiveComputing, Lecture notes in computer science"

23 Clifton, C, "Security and Privacy Implications of Data Mining, ACMSIGMOD Workshop on Data Mining and Knowledge Discovery, Montreal Canada"

24 Goodhue, D. L, "Security Concerns of System Users: A Studyof Perceptions of the Adequacy of Security Measures" 20 (20): 13-27, 1991

25 Zhang, C, "Secure information sharing in Internet-based supply chainmanagement system" 46 (46): 18-24, 2006

26 Ensom,J, "Risk in the Supply Chain" E&Y Report 2004

27 Lee, C. W., "Relationship between supply chainperformance and degree of linkage among supplier, internal integration, andcustomer" 12 (12): 444-452, 2007

28 Jones, P., "Radio FrequencyIdentification in the UK: Opportunities and Challenges" 31 (31): 164-171, 2004

29 Molnar, D, "Privacy and Security in Library RFID: Issues,Practices, and Architectures" ACM Conference on Computer and CommunicationsSecurity

30 Michaelides,Z.M, "Organisational Integration Inventory Management Methods"

31 Juels,A, "Minimalist Cryptography for Low-Cost RFID Tags, RSA Laboratories"

32 Dawson, S., "Maximizing Sharing ofProtected Information" 64 (64): 496-541, 2002

33 Feitzinger, E, "Mass Customization at Hewlett-Packard: The Powerof Postponement" 116-121, 1997

34 Amitava, D, "Management's Role in Information Security in aCyber Economy" 45 (45): 67-87, 2002

35 Ranasinghe, D. C., "Low-Cost RFID Systems:Confronting Security and Privacy, MIT Auto-ID Labs Research Workshop"

36 Lee,H.L, "Intelligent Demand-Based Management" 2 (2): 61-73, 2002

37 Denning,E.D, "Information Warfare and Security" Addison-Wesley, ACM Press,London 1999

38 Cohen,F, "Information System Attacks: A Preliminary Classification Scheme" 16 (16): 29-46, 1997

39 Lee, H. L, "Information Sharing in a Supply Chain" 20 (20): 373-387, 2000

40 U.S. General Accounting Office, "Information Security: Computer Attacks at Departmentof Defense Pose Increasing Risk" 1996

41 Austrian Department of Commerce, "Information Security Guideline for NSW Government Agencies-Part 2 Examples of Threats and Vulnerabilities" 2003

42 Moberg, C. R., "Identifying Antecedentsof Information Exchange Within Supply Chains" 32 (32): 755-770, 2002

43 Aberdeen Group, "Global Supply Chain Benchmark Report"

44 Sanders,N.R, "Getting the Best Forecast by Combining Judgmental and StatisticalMethods"

45 Maiwald,E, "Fundamentals of Network Security, Part 3: Security Technologies" McGraw-Hill 2004

46 Chai, W, "Euro Notes May be Radio Tagged"

47 Lin, F., "Effects of Information Sharing on Supply ChainPerformance in Electronic Commerce" 49 (49): 258-268, 2002

48 Lee, J. N, "Effect of Partnership Quality on IS Outsourcing:Conceptual Framework and Empirical Validation" 15 (15): 26-61, 1999

49 Eisenhardt, K. M, "Dynamic Capabilities: What Are They?" 21 (21): 1105-1121, 2000

50 Forcht, K, "Developing a Computer Security Policy for OrganizationalUse and Implementation" 41 (41): 52-57, 2001

51 Raman,S, "Detecting Inference Attacks Using Association Rules" Rutgers University

52 Janczewski, L. J, "Cyber Warfare and Cyber-terrorism" InformationScience Reference 2008

53 Jung,K.J, "Cyber Threat under growth of Information Technology" 207-218, 2004

54 Warren, W, "Cyber Attacks Against Supply Chain ManagementSystems: A Short Note" 20 (20): 710-716, 2000

55 Straub, D. W, "Coping With Systems Risk: Security PlanningModels for Management Decision Making" 22 (22): 441-469, 1998

56 Gaonkar, R, "Collaboration and Information Sharing in GlobalContract Manufacturing Networks" 6 (6): 366-376, 2001

57 Lewis,J.A, "Assessing the Risks of Cyber Terrorism, Cyber War and OtherCyber Threats" 1-12, 2002

58 Baker, W. H., "Assessing informationsecurity risk in the supply chain" 2005

59 Kros, J., "Assessing & Quantifying the Loss of NetworkIntrusion" 45 (45): 36-42, 2005

60 Chandramouli, R, "Application of XML Tools for Enterprise-wide RBAC Implementation Tasks" 2000

61 U.S. Department of Commerce, "AnIntroduction to Computer Security: The NIST Handbook"

62 Spekman, R. E., "An empirical Investigation intoSupply Chain Management: A Perspective on Partnerships" 3 (3): 53-67, 1998

63 Howard,J.D, "An analysis of security incidents on the Internet" Carnegie MellonUniversity 1997

64 Smith, G. E., "A critical balance:collaboration and security in the IT-enabled supply chain" 45 (45): 2595-2613, 2007

65 Hussain, A., "A Framework for ClassifyingDenial of Service Attacks" ACM 2003