For years, cybersecurity experts have been concerned about supply chain hacks since a single attack on a single supplier might produce a chain reaction that compromises a network of providers. Malware is the most common attack method, accounting for 62% of all attacks.
Strong security protection is no longer adequate for enterprises when attackers have already moved their focus to suppliers, according to the latest ENISA research – Threat Landscape for Supply Chain Incidents, which reviewed 24 recent attacks.
The rising effect of these assaults, such as system downtime, monetary loss, and reputational harm, demonstrates this.
In comparison to last year, supply chain assaults are predicted to increase fourfold in 2021. This new trend emphasizes the urgency with which governments and the cybersecurity community must respond. This is why unique defensive measures to avoid and respond to future supply chain threats while reducing their impact must be implemented as soon as possible.
“Through the cascading impact of supply chain assaults, threat actors may wreak significant harm affecting businesses and their consumers all at once,” stated the Executive Director of the EU Agency for Cybersecurity. “Member states will be able to achieve a comparable level of capabilities through good practices and coordinated efforts at the EU level, enhancing the EU’s common level of cybersecurity.”
The ecosystem of resources required to create, manufacture, and distribute a product is referred to as a supply chain. In cybersecurity, a supply chain consists of hardware and software, cloud or local storage, and distribution techniques.
Supply chain assaults, which consist of an attack on one or more suppliers followed by an attack on the end target, the client, can take months to complete. In many cases, an attack like this might go unnoticed for a long period. Supply chain assaults, like Advanced Persistent Threat (APT) attacks, are generally targeted, complex, and expensive, with attackers likely preparing ahead of time. All of these factors reflect the adversaries’ level of sophistication as well as their determination to succeed.
Even if an organization’s defenses are strong, it might be exposed to a supply chain assault, according to the paper. By targeting suppliers, the attackers are looking for new avenues to enter organizations. Furthermore, because the impact of supply chain assaults on a large number of consumers is nearly endless, these attacks are becoming more widespread.
In around 66 percent of the reported occurrences, attackers concentrated on the suppliers’ code to compromise the targeted customers. This demonstrates the need for organizations to focus their efforts on verifying third-party code and software before utilizing it to guarantee it has not been tampered with or modified.
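One way to carry out the check described above, as an added example that is not taken from the ENISA report or the original article: it compares a directory of third-party files against SHA-256 digests recorded at review time and reports files that were modified, are missing, or were never reviewed. The function names, file names and sample contents are constructed for illustration.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Stream the file so large artifacts are not loaded into memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_vendor_dir(vendor_dir: Path, pinned: dict[str, str]) -> dict[str, list[str]]:
    """Compare every file under vendor_dir with the pinned digests.

    Returns file names grouped as ok / tampered / missing / unlisted.
    """
    report = {"ok": [], "tampered": [], "missing": [], "unlisted": []}
    present = {p.relative_to(vendor_dir).as_posix(): p
               for p in vendor_dir.rglob("*") if p.is_file()}
    for name, expected in sorted(pinned.items()):
        if name not in present:
            report["missing"].append(name)
        elif hmac.compare_digest(sha256_file(present[name]), expected.lower()):
            report["ok"].append(name)
        else:
            report["tampered"].append(name)
    # Files that arrived with the delivery but were never reviewed or pinned.
    report["unlisted"] = sorted(set(present) - set(pinned))
    return report


def demo() -> dict[str, list[str]]:
    """Constructed sample: pin two files, then alter one and drop in an extra."""
    with tempfile.TemporaryDirectory() as tmp:
        vendor = Path(tmp)
        (vendor / "lib_a.py").write_text("def add(a, b):\n    return a + b\n")
        (vendor / "lib_b.py").write_text("VERSION = '1.0'\n")
        pinned = {n: sha256_file(vendor / n) for n in ("lib_a.py", "lib_b.py")}
        pinned["lib_c.py"] = "0" * 64  # pinned but never delivered
        # Simulate modification of a supplier file after it was reviewed.
        (vendor / "lib_b.py").write_text("VERSION = '1.0'\nimport os\n")
        (vendor / "extra.py").write_text("pass\n")
        return verify_vendor_dir(vendor, pinned)


if __name__ == "__main__":
    for status, names in demo().items():
        print(f"{status:9s} {names}")
```

A pinned digest catches changes made after the digest was recorded; it does not detect a compromise that was already present when the supplier published the artifact.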
Customer data, including Personally Identifiable Information (PII) data and intellectual property, was targeted in about 58 percent of the supply chain events investigated.
Suppliers were unaware of or failed to notice how they were hacked in 66% of supply chain hacks investigated. However, only around 9% of consumers who were harmed as a result of supply chain hacks were aware of the incident. This emphasizes the maturity difference between suppliers and end-users when it comes to cybersecurity event reporting.
Several high-profile supply chain attacks have occurred recently. The systems or software of trusted vendors were hacked in each of the supply chain assault cases below.
Microsoft, Uber, Apple, and Tesla were all hacked by a security researcher. Alex Birsan, the researcher, took advantage of dependencies, which are used by apps to give services to end-users. Through these dependencies, Birsan was able to send fake but innocuous data packets to high-profile individuals.
Hackers were able to compromise a security certificate that authenticates Mimecast’s services on Microsoft 365 Exchange Web Services during the Mimecast assault. While just a small percentage of Mimecast’s clients were affected, roughly 10% of the company’s customers utilize apps that rely on the leaked certificate.
The SolarWinds assault was carried out by introducing a backdoor, known as SUNBURST, into the Orion IT update tool. A total of 18,000 clients have downloaded the backdoor.
According to Symantec experts, the assault against ASUS made use of an update mechanism and affected as many as 500,000 PCs. An automated update was employed in the attempt to infect consumers’ computers with malware.
A repository within the GitHub system was infected with malware in the event-stream assault. An unknown number of programs were able to access the dependency in the malware repository. While GitHub is not open source, it does provide public backup service and encourages users to share their solutions with others.
In a nutshell, the recommendations are:
At the EU level, implement best practices and participate in coordinated efforts.
Because of the growing interdependencies and sophistication of the tactics deployed, assaults against suppliers may have far-reaching implications. Beyond the financial costs to impacted organizations and other parties, there is a greater cause for worry when sensitive material is leaked and national security is jeopardized, or when geopolitical ramifications are possible.
In this complex supply chain environment, adopting good practices and participating in EU-wide coordinated efforts are both critical to assisting the other Member States in acquiring similar capabilities – and achieving a shared degree of security.
Customers may use the report’s wide list of suggestions to control supply chain cybersecurity risk and manage relationships with suppliers.
In conclusion, viruses are getting more and more powerful day by day, so there is always a high possibility of a supply chain attack. At the same time, the power of cybersecurity is also increasing, and companies are implementing better protection methods to counter those attacks.