Research

Supply Chain Cybersecurity Lab

We protect physical supply chains from cyberattacks.
A digital global map depicting nodes in an electronic network

The Supply Chain Cybersecurity Lab at MIT CTL is an interdisciplinary research initiative focused on mitigating the impact of cyberattacks on physical operations. We study how technology-dependent supply chains—which include large software networks, AI agents, robotics, cloud platforms, and complex third-party ecosystems—expand the attack surface and redefine supply chain cybersecurity risks. 

We work with industry to assess how cyberattacks affect manufacturing, warehousing, transportation, fulfillment, and other critical supply chain operations; identify the technology, data, and physical dependencies that create exposure; and develop prevention, mitigation, and recovery strategies. 

By combining independent MIT research with insights from industry, the Supply Chain Cybersecurity Lab’s mission is to help organizations build supply chains that remain resilient even when technology fails.

~$
T
impact of cybercrime worldwide in 2025
>
%
cyberattacks coming from a third-party technology partner
%
of Forbes Global 2000 firms connected to at least one tech vendor hacked in 2025

Research areas

Supply chain cyber vulnerability mapping

We identify the technology, data, and physical dependencies that make supply chains vulnerable to cyberattacks. This includes critical systems such as ERP, WMS, TMS, cloud platforms, automation, robotics, and third-party technology providers.

Operational impact, response, and recovery

We study why some cyberattacks become major operational failures while others are contained more quickly. Our research examines the organizational, technical, and operational factors that influence disruption severity, decision-making, and time to recovery.

Systemic and concentration risk

Modern supply chains increasingly depend on a small number of shared technology, cloud, and service providers. We examine how these concentrated dependencies can create systemic risk across industries and identify strategies to reduce cascading operational consequences.

AI, automation, and emerging cyber risks

As supply chains adopt AI agents, interconnected automation, and autonomous systems like humanoids, they gain new capabilities, but they add new vulnerabilities as well. We investigate emerging attack vectors, security trade-offs, and practical guardrails for deploying future technologies safely in physical operations.

Digital world map with red nodes suggesting cyberthreats

Publications

Managing technology-related disruptions and vulnerabilities in highly automated warehouse systems: an integrative review and research agenda

Recent technological developments in warehousing have introduced new risks. This paper presents an integrative review that combines insights from highly automated warehouse systems (HAWS) and risk management, providing a comprehensive understanding of technology-related warehouse disruptions and vulnerabilities. 

We identify 48 technology-related vulnerabilities across different types of disruptions. In particular, HAWS have become vulnerable to cyberattacks due to the increasing number of warehouse technology suppliers, greater complexity of multi-robot networks such as AMRs, reliance on cloud-based systems, and cascading effect of cyberattacks due to higher levels of interconnectivity in HAWS networks. In response, we propose a research agenda with 17 pathways aimed at enhancing prevention, detection, mitigation, and recovery strategies for HAWS. Read the paper.

Identifying key vulnerabilities in the warehouses of the future

The rapid adoption of automation and digital technologies in warehousing introduces new risks that could disrupt operations and impact the broader supply chain. Drawing from extensive state-of-the-art research and insights from over 40 warehousing and technology experts, our study identifies five major disruptions that can affect modern, highly automated warehouses: cyberattacks, power and network outages, technology sabotage, technology failures, and accidents caused by human-machine interaction. Read the full reportRead the executive summary.

Supply chains under (cyber)attack

Supply chain resilience increasingly depends on cybersecurity. As operations become more reliant on connected technologies, automation, and digital systems, cyberattacks can affect far more than data or IT infrastructure: they can interrupt the physical flow of goods. This research examines why cybersecurity must become an integral part of supply chain strategy and how companies can better understand and defend the operational systems on which modern supply chains depend. Read the short article.

Just the tip of the iceberg: the cyberattacks behind supply chain disruptions

The cyberattacks that become publicly visible are only part of a much larger problem. Many of the most consequential events are indirect, beginning with attacks on shared software, cloud, automation, or technology providers and then spreading across companies that depend on them. This research examines how digital concentration and hidden technology dependencies can create systemic supply chain risk, and why companies need to map those dependencies and strengthen their ability to mitigate and recover from cyberattacks. Read the short article.

How cloud reliance increases global disruptions: the AWS outage, a wake-up call for modern supply chains

Cloud services support a growing share of supply chain operations, making cloud dependence a major source of concentration risk. Recent cloud outages demonstrate how disruptions at a single provider can cascade across interconnected systems and how difficult it can be to bring operations back online safely. This research explores how organizations can build resilience around cloud-dependent operations, not by abandoning the cloud, but by preparing for its failure. Read the short article.

Contact us

Interested in collaborating with us? Reach out.