What is Supply Chain Attack? Examples and Prevention


Supply chain attacks are a growing concern for organisations. They occur when a cybercriminal targets the weakest link, a third party or supplier, in order to gain access to the larger network of its customers or vendors. These attacks target smaller businesses first because they do not have strong cybersecurity protection. This approach is often successful because many organisations rely heavily on third-party vendors to provide services and products necessary to their operations. As a result, these attacks can be highly damaging, both in terms of financial loss and reputational damage.

According to Statista, there was a 742 percent year-over-year increase in open source software (OSS) supply chain attacks in 2022. Attackers aimed to exploit weaknesses in upstream open source ecosystems, such as JavaScript, Java, .NET, and Python. In 2021, the figure was 650 percent.

One of the reasons for the increase in supply chain attacks is the growing complexity of supply chains themselves. As companies continue to outsource services and products to third-party vendors, the number of potential targets for cybercriminals is also growing. In addition, the use of cloud-based services and the Internet of Things (IoT) has created new challenges for supply chain security, as these technologies can be more difficult to store and monitor than traditional on-site equipment.

Another factor driving the rise in attacks is the potential for high ROI for cybercriminals. By targeting a single vendor or supplier, cybercriminals can gain access to the networks of many companies. This method is generally less risky for them than trying to hack a company’s network directly. To reduce the risk of supply chain attacks, organisations must take a proactive approach to supply chain security.

Examples of supply chain attacks

Supply chain attacks are not new. Here are some examples of supply chain attacks in recent years:

  • SolarWinds attack

SolarWinds is a major software company based in Oklahoma that provides system management tools for network and infrastructure monitoring, and other technical services, to hundreds of thousands of organisations around the world. One of its products is an IT performance monitoring system called Orion, which has privileged access to IT systems to obtain log and system performance data.

In 2020, a Russian espionage hacking group managed to compromise the supply chain of SolarWinds and insert malware into Orion’s latest software updates. This meant that the attacker had potential access to almost 18,000 SolarWinds customers, including Microsoft, the US Justice Department, the State Department, and even NASA.

  • Target Data Breach 

Target is one of the largest retail corporations in the United States. In 2013, during the busy holiday shopping season in December, hackers gained access to Target’s payment system by infiltrating a third-party vendor’s network. They installed malware on Target’s point-of-sale (POS) terminals, which allowed them to capture credit and debit card information as customers swiped their cards. The stolen information included names, addresses, phone numbers, email addresses, and credit and debit card numbers of up to 40 million customers.

The company immediately took steps to contain the breach, including working with law enforcement, hiring a third-party forensics firm to investigate the incident, and offering free credit monitoring and identity theft protection to affected customers. The incident led to a drop in Target’s stock price and resulted in several lawsuits and investigations.

  • Ticketmaster Data Breach

Ticketmaster is a leading ticket sales and distribution company. In 2017, a breach occurred when hackers infiltrated a third-party customer support system used by Ticketmaster called Inbenta. The cybercriminals used the chat system to get access to the personal and financial information of Ticketmaster customers.

The compromised data included customers’ names, addresses, email addresses, phone numbers, payment card numbers, expiration dates, and security codes. It is estimated that up to 40,000 customers in the UK were affected by the breach. As a result, Ticketmaster was fined more than 1 million pounds over the payment data breach.

Prevention measures for supply chain attacks

These supply chain attack examples highlight the importance of third-party vendor security and the need for companies to thoroughly monitor the security practices of their vendors. So how can these attacks be prevented?

1. Cyber risk assessment: Every organisation should assess the cyber risks in its supply chain and identify any potential weaknesses. This may include conducting security checks on sellers and other third parties.

2. Security requirements: Suppliers and vendors should be required to comply with certain security standards and regulations, such as strong password policies, multi-factor authentication, and regular security updates.

3. Monitoring and detection: It is important to implement monitoring and detection systems to detect suspicious activity in the products and services that vendors provide. This may include the use of intrusion detection and prevention systems and security information and event management systems.

4. Emergency response plan: Companies should have an incident response plan to quickly respond to any security incident that occurs in their supply chain. The plan should include policies for notifying affected customers, partners, and law enforcement, as well as measures to contain and mitigate damage from the attack.

5. Education and awareness: Every business should educate its employees, partners and customers about the risks of supply chain attacks and provide guidance on how to detect and prevent them.

If you’re looking to improve your business’s cybersecurity to cover third-party and supply chain risk, consider trying the cybersecurity risk assessment from ArmourZero to get a clear understanding of your risks and prioritise your efforts to reduce those risks.

Written by: 

Fanny Fajarianti (Performance Marketing). Experienced digital marketer in the information technology and services industry.