Your organization might have the strictest firewalls, the most advanced email filtering systems, and top notch vulnerability scanning, but what happens if your partners aren't equally secure? Supply chain attacks are becoming increasingly common as bad actors try to breach an organization through its supply chain. It not enough to make sure your business is secure, but you must ensure that the vendors and companies you trust with your data are equally protected.
What is a Supply Chain Attack?
According to Fortinet, a supply chain attack "refers to when someone uses an outside provider or partner that has access to your data and systems to infiltrate your digital infrastructure". Many organizations use third party vendors are partner with other companies to improve their services, but this can be risky when it comes to cybersecurity. To work together you will have to provide some level of access to your network, resources, and data. If the vendor doesn't have the necessary security controls implemented they could constitute a vulnerability.
Your supply chain is made up of every individual, third party software or vendor, company that works together to develop or implement a product or service. For many organizations this supply chain can be expansive, which in turn greatly broadens an attack surface. If a cyber criminal is able to compromise one of these suppliers, they may in turn gain access to your IT systems.
Examples of Supply Chain Attacks
The past several years have been marked by an increase in supply chain attacks as cyber criminals are targeting large corporation and critical infrastructure.
SolarWinds is a software company that develops management tools for IT companies. They are known primarily by their network management system (NMS) product named "Orion". Cyber criminals were able to compromise Orion and distribute malware to various other companies that use the service including multiple branches of the US government. SolarWinds has become known as one of the largest supply chain attacks for its wide reach and detriment to the nations overall security posture.
In 2022 Toyota felt the blow-back from a ransomware attack made against one its suppliers, Kojima Industries Corp. Due to this ransomware attack Toyota was forced to shut down production in all of their Japan-based manufacturing. According to reports the downtime resulting from this attack caused a 5% drop in monthly production within Japan. This is an example of how supply chain attacks can cause significant downtime for your business, in turn causing you to miss out on profit and productivity.
Kaseya, an IT management software company, was hit by a supply chain attack in July of 2021 due to a vulnerability in some of their software. The ransomware group that targeted Kaseya was discovered to be REvil, who then carried out multiple ransomware attacks on managed service providers (MSPs).
What Can You Do?
Preventing supply chain attacks isn't only about protecting your organization, but also the vendors and suppliers you work with. However, this trust goes both ways and your organization should do its due diligence when partnering with other organizations. Make sure that your vendors have put controls in place to ensure data integrity and protection as well implement foundational security protocols. You should feel confident that the employees working for your partners are aware and educated on how to protect themselves from social engineering, they should be required to use complex and unique passwords as well as MFA.
CorpInfoTech (Corporate Information Technologies) provides small to mid-market organizations with expert I.T. services including compliance assessment, cybersecurity penetration tests, and comprehensive business continuity planning services. CorpInfoTech can help organizations, quantify, create, refine, and mitigate the risks presented by business threatening disasters in whatever form they may be disguised.