Supply chain attacks occur when a miscreant targets a trusted third-party vendor who is offering services or software to an organization. An unsecure supplier in the chain is attacked in order for the crooks to infiltrate the targeted system. The goal of the attacker is to gain access to systems or data through the trusted supplier’s vulnerability. This attack can cause data loss, disruptions and malware. High-profile attacks include SolarWinds, the Equifax breach and Target.
This cyberattack can include compromising software, malicious code shipped into hardware components or malware installed on third-party devices.
Preventing future supply chain attacks isn’t easy. It is difficult to ensure that what the buyer is purchasing isn’t corrupt. Agencies need to vet their suppliers. Hold them accountable and enforce certain standards.
Open source resources are often at risk. Threat actors have been actively searching for vulnerabilities in these products and services.
It is essential that organizations have a process in place for risk assessment for third party vendors. This can be performed through a questionnaire, reviews and ratings.
Ensure that the practice of least-privilege access is enforced. Implement network segmentation in order to limit the attack surface and spread. An automated threat protection and threat hunting solution can assist with your defenses.