News

How Tariff Volatility Creates Opportunities For Bad Actors

Steve Durbin
Published 01 - July - 2025
Read the full article on Forbes
riskemerging threatsforbesgovernancesupply chaincompliancepeople

Tariffs have a cascading effect, both economic and geographic. While tariffs can spur economic sovereignty and stimulate innovation, they also bring with them volatility that can impact future planning and investments. Tariffs in an interdependent economy can slow or halt the supply of raw materials and intermediate products, disrupting value-added efficiency in trade logistics. West Monroe’s Q1 supply chain poll found the impact of tariffs surging to become the top issue for one-fifth of organizations surveyed, with 89% of companies making supply chain changes.

The imposition of higher tariffs (real or imagined) compels organizations to react by diversifying their supplier base, promoting nearshoring or relocating production facilities, and redirecting shipping routes. In my experience working in the cybersecurity industry, these actions can inadvertently create new threat exposures, adding to potential points of weakness susceptible to cyberattacks.

The Rise In Supply Chain Attacks In A Tariff-Driven World

Businesses often scramble to adjust their supply chains when tariffs raise the prices of goods and raw materials. To avoid short-term cost impositions, they may need to change sources overnight or work with new suppliers in lower-tariffed countries. In this accelerated process, thorough cybersecurity due diligence, which is vital to ensure that every component of the supply chain meets high security and compliance standards, may be compromised. This can leave weak links open to cyber adversaries.

Additional layers of complexity are often introduced when businesses find they must quickly re-engineer their supply chains. Enforcing standard security procedures can become cumbersome across disparate suppliers, which may be located in multiple jurisdictions with varying legal and regulatory standards. This fragmentation can lead to the reality that while one supplier may operate robust security practices, another may fall behind, introducing loopholes in the overall cybersecurity strategy, which can be targeted.

The economic costs of tariffs can also lead organizations to reappraise their budgets. New budgetary constraints can delay critical updates or limit the scope of security scans within the supply chain. One unprotected node in the supply chain can then create endless opportunities for threat actors.

Here are four primary ways in which tariffs and tariff response strategies can lead to reduced cybersecurity for supply chains:

  • Tariffs As Phishing Bait

Tariff fluctuations provide the perfect camouflage for threat actors to conduct fraud campaigns. Attackers impersonate logistics companies or customs agencies and send fake email or SMS notifications to victims declaring that new tariffs require instant payments, redirecting victims to spoofed payment portals.

Attackers also deploy AI to plan supply chain fraud attacks. AI-generated company profiles help attackers establish fictitious supplier personas with bogus websites and transaction histories. Businesses unknowingly employ these fictitious vendors, incurring massive financial losses and data breaches.

  • Insider Threats And Data Breaches

Attackers can also exploit data flow vulnerabilities, access controls, and vendor relationships to launch insider attacks in insecure supply chains. For example, the SolarWinds supply chain attack of 2020 exposed vulnerabilities in third-party software dependencies, demonstrating how compromised insider access can enable attackers to inject malicious code into system updates, affecting thousands of global organizations.

  • Geopolitics

Tariff-struck nation-states can retaliate with cyber threats, targeting tariff-imposing nations, disrupting trade and pilfering sensitive data. Cyberattacks may include economic espionage and attacks on critical infrastructure.

  • Compliance Risks

Businesses with operations in various nations with disparate legal, trade and cybersecurity laws can find themselves at risk of regulatory mismatches. Business entities that procure raw materials from geographically distant locations are exposed to varied labor and environmental laws and data privacy requirements due to unique tariff regimes, import/export rules, trade classifications and data protection legislation, which can put them at heightened compliance risk.

Security Frameworks To Mitigate Tariff-Related Supply Chain Risks

1. Apply a zero trust security model.

The zero trust paradigm, which assumes that no insider or outsider is necessarily trusted, is particularly relevant to supply chain security, where numerous vendors, third-party solution providers and logistics firms interact on complex networks. Zero trust requires that every vendor, supplier and system be regularly authenticated before being allowed access to critical assets. Supply chain networks are divided into smaller, discrete silos, preventing lateral movement for attackers.

2. Implement human risk management.

Quantify the risks associated with human actions, including mistakes, manipulation or intentional actions. You can do this by consistently evaluating end-user patterns, introducing customized interventions with a layered security approach and fostering behavioral changes through cybersecurity training to improve user awareness and judgment.

3. Conduct cyber risk assessments.

Perform routine security audits of suppliers, especially those recently brought on board because of unpredictable tariffs. Conduct penetration testing of third-party platforms to reveal vulnerabilities before integration. Automate security scans to confirm supply chain partners comply. Use blockchain-based models that provide tamper-proof trade records, which can help eliminate counterfeit invoices and altered customs declarations.

4. Enhance supply chain visibility.

Track vulnerabilities in supplier networks with real-time monitoring tools. For example, AI-powered anomaly detection can identify abnormal patterns in supplier transactions and establish automated alerts for suspicious activities within the supply chain network.

Tariff evasion is no longer an isolated incident but is now becoming increasingly prevalent, especially as geopolitical tensions affect international trade relations. However, taking shortcuts to supply chain adjustments in order to mitigate the costs of tariffs can lead to major consequences for your cybersecurity. By adopting the zero-trust model, focusing on human risk management, leveraging AI for fraud prevention, and prioritizing supply chain risk management, you can ensure your organization is equipped to navigate the uncertainties of new global trade orders.

Where next?

Discover more
Array

Build cyber resilience across your supply chain

Rise to the supplier risk challenge with a risk-based approach to your end-to-end supplier management lifecycle.

Read more on Build cyber resilience across your supply chain
Array
podcast

Future-Proofing Our Supply Chains

Omera Khan explores the importance of improved collaboration and increased visibility in supply chain management.

Listen Now on Future-Proofing Our Supply Chains
Array
service

Supply Chain Management Assessment

Gain an up-to-date picture of information risk in your supply chain to reduce risk from external suppliers and improve cyber resilience.

GET IN TOUCH on Supply Chain Management Assessment
How Tariff Volatility Creates Opportunities For Bad Actors
Read the full article on Forbes