As the pandemic compelled businesses toward cloud adoption, remote work, and rapid digital transformation, cyberattacks have also been on the rise. The most damaging and high-profile hacks in recent years are supply chain attacks. But what are supply chain attacks and how can organizations protect themselves from them? This article answers these questions and more.
What is a supply chain attack?
As the name suggests, a supply chain attack is a type of cyberattack that targets a third-party vendor or partner that delivers services or software to a company. Since the third party has access to the company’s data and rights to use parts of their network and applications, the attacker infiltrates the company’s digital infrastructure through them.
The two main types of supply chain attacks are software and hardware. A software supply chain attack involves the injection of malicious code into an application as a means to infect all app users. Meanwhile, a hardware supply chain attack compromises physical components.
Today, software supply chain attacks have grown in scale because modern software usually contains proprietary code, open source code, and third-party APIs. If any of these dependencies are compromised, all businesses that download from the vendor are affected.
Sources of supply chain attacks
Three of the most common sources of supply chain attacks are foreign products, open-source supply chains, and commercial software.
Supply chain attacks from foreign sources
Supply chain attacks from foreign countries can come in two ways: intentionally or through malicious actors. The intentional addition of malicious code to a private company’s software products can happen in countries like China, where the government exercises great control over production.
On the other hand, other attacks are not sanctioned by the government. Any malicious actor can infiltrate legitimate products. When these products are bought overseas, foreign hackers can have full access to sensitive information and systems.
Supply chain attacks from open-source supply chains
Open-source software solutions allow anyone to contribute to creating a program. Because of this, hackers can program vulnerabilities into open-source software in order for them to introduce threats more easily into these programs. Even if other developers can evaluate open-source solutions, they may not always catch vulnerabilities. This puts companies that use open-source software at risk.
Supply chain attacks from commercial products
Software vendors are popular targets of cyberattacks because they have hundreds of customers. If a supply chain attacker attacks their systems, they can target a high number of companies.
Compiler attacks are one method used by attackers who target commercial software providers. A compiler translates code from one programming language to another. Afterward, the compiler is used to insert malicious code into the translation.
Examples of supply chain attacks
Attackers took advantage of an update feature of ASUS and impacted around 500,000 systems. The automatic update introduced malware to the users.
British Airways, 2018
British Airways suffered a Magecart attack that affected more than 380,000 transactions on their website. This was done by attacking one of the airline’s vendors.
The attack on SolarWinds is one that many are familiar with. Hackers injected malicious code into the software’s build cycle and affected around 18,000 customers, including government agencies who had topnotch security sytems.
In this attack, hackers compromised a security certificate used to authenticate Mimecast’s services on Microsoft 365 Exchange Web Services. About 10% of Mimecast’s customers use apps that relied on the compromised certificate.
How to prevent a supply chain attack
- Evaluate third parties’ cybersecurity risks. Organizations can ask their partners to perform self-assessments to ensure that they are secure and trustworthy. This should be an ongoing process, not a one-time check.
- Review and limit who has access to sensitive information. Sensitive data should only be available to those who need it.
- Reduce the number of persons within the company who are authorized to install third-party software. This would decrease the opportunities for cyberattacks.
- Include supply chains in response and remediation plans. Having a clear and transparent incident response plan is the first step to mitigating problems. Including supply chains ensures that a fast response and minimum damage happens when a cyberattack occurs.
- Ensure that the company’s data is erased from a vendor’s systems after a contract is terminated.
- Invest in cybersecurity tools that can forecast threats and provide advanced malware protection.
Protect yourself from supply chain attacks
Many cybersecurity experts predict that the next “pandemic” will be digital. Hence, organizations must equip themselves with the knowledge and tools to defend against malicious actors. Supply chain attacks can be prevented by improving supply chain security. This is done by choosing vendors carefully and constantly checking and limiting access to sensitive systems and data.
Check out Timeqube for more helpful tips and tools for remote teams and the modern workplace.