
What is a “supply chain attack”?

Supply chain cyber attacks are electronic and physical risks to the integrity of data and systems across the supply chain.

by Gwendal Smith
November 24, 2022
in Articles, Cyber Attacks, Cybercrime, Cybersecurity, Malware, Risk Management

Supply chain attacks pass through the IT systems of the targeted company’s service providers, which makes them difficult to detect.

SolarWinds, Kaseya, and NotPetya all have one thing in common: they are supply chain attacks. This type of cyber-aggression is very handy for adversaries, as it is very difficult for the victim companies to detect and block. To understand why, let’s take a look at how they work.

Supply Chain Attack In Cybersecurity

A supply chain attack targets its victim by a circuitous route: it infects a third party, such as a software service provider, and then goes after its final target. This can be used to mask the attack, to multiply its effect, or to reach a very secure target.

In the case of SolarWinds, the Orion systems management tool was infected, allowing the attackers to access 18,000 networks worldwide. From there, they were able to sneak into the systems of at least five US federal agencies. This impressive hack required significant resources, and it was carried out by Nobelium, a group of hackers under the Kremlin’s tutelage.

In the case of the Asus supply chain attack in 2019, 57,000 people installed the malware, but the criminals were really only interested in 600 specific machines.

The Supply Chain Cyber Security Threats

Supply chain cyber security threats include vulnerabilities within the supply chain that can be exploited by cyber criminals. These threats arise in three areas: supply chain partners, information sharing, and vendor selection.

Supply chain partners include any company that is involved in the supply chain of a product. These companies may have access to sensitive data such as credit card information or personal information. Supply chain partners may be susceptible to cyber attacks, which can result in the loss or theft of data.

Information sharing is the exchange of sensitive data between supply chain partners. Supply chain partners can use this data for marketing purposes or for improving their products. However, this data may be vulnerable to cyber attacks, which can result in the loss or theft of data.

Vendor selection is the process of selecting suppliers for a product or service. This process involves evaluating potential suppliers based on their qualifications and history of providing quality products and services. However, selecting the wrong supplier can expose businesses to supply chain cyber security threats such as malware or ransomware infections.

How Does a Supply Chain Attack Work?

A supply chain attack often uses a series of tools to achieve its goal – the name refers more to the vector through which the attackers pass than to the technologies used.

For example, an attacker can enter the system of a third-party service through phishing, and then turn it into a Trojan horse, i.e., software that looks legitimate but has a malicious component that is intended to spy or destroy. The attackers then just have to wait patiently for the technology to be provided and installed by the target companies. Then they launch their real project, whether it is to block systems, take control of them, steal data, etc.

NotPetya, the most expensive cyberattack in history, began with the infection of a Ukrainian accounting software, MEDoc, before spreading across the globe. Google security researchers and several governments blamed the attacks on the Russian government, specifically the Sandworm hacker group, a member of the Kremlin’s intelligence services.

When the REvil ransomware group decided to activate its attack in July 2021, it hit not only Kaseya’s customer base but also the one below it, using profiles like those of MSPs. This is because the attack on Kaseya had a cascading effect: the attackers first infected the VSA software, which was used to manage computer fleets remotely. This means that the technology had access to a relatively high level of privilege on these machines: it allowed a large number of changes to be made. Of the 36,000 customers claimed by Kaseya, many were “managed service providers,” or MSPs, who offered their services to their own network of small businesses.
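The cascading effect described above can be mapped ahead of time from a supplier inventory. The following Python is an added example, not part of the original article; the `MANAGES` map and every organisation name in it are constructed, hypothetical data.

```python
from collections import deque

# Constructed sample data: "supplier -> customers it can push changes to".
# All organisation names are hypothetical.
MANAGES = {
    "rmm-vendor": ["msp-a", "msp-b", "corp-x"],
    "msp-a": ["shop-1", "shop-2"],
    "msp-b": ["shop-3", "clinic-1"],
    "accounting-vendor": ["corp-x", "shop-2"],
}

def blast_radius(manages, compromised):
    """Return {org: hops} for every org reachable downstream of `compromised`.

    hops == 1 is a direct customer; hops >= 2 is an organisation that never
    chose the compromised supplier and inherits the risk via an intermediary.
    """
    seen = {compromised: 0}
    queue = deque([compromised])
    while queue:
        org = queue.popleft()
        for customer in manages.get(org, []):
            if customer not in seen:  # also guards against cycles
                seen[customer] = seen[org] + 1
                queue.append(customer)
    del seen[compromised]
    return seen

def upstream_suppliers(manages, org):
    """Every direct or indirect supplier whose compromise would reach `org`."""
    return sorted(s for s in manages if org in blast_radius(manages, s))

def rank_suppliers(manages):
    """Suppliers ordered by how many organisations their compromise exposes."""
    sizes = {s: len(blast_radius(manages, s)) for s in manages}
    return sorted(sizes.items(), key=lambda kv: (-kv[1], kv[0]))

if __name__ == "__main__":
    hit = blast_radius(MANAGES, "rmm-vendor")
    print("exposed:", hit)
    print("indirect victims:", sorted(o for o, h in hit.items() if h >= 2))
    print("upstream of shop-2:", upstream_suppliers(MANAGES, "shop-2"))
    print("ranking:", rank_suppliers(MANAGES))
```

The organisations at two or more hops are the ones a vendor questionnaire limited to direct suppliers would miss.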

How To Protect Against Supply Chain Attacks?

Cybersecurity battles are always imbalanced. Companies must block every hole, defect, and weakness that may be exploited by an assailant. Attackers only need to find one of these vulnerabilities to move on to the next phase of their operation. However, in an assault from a third party, it’s vital to safeguard against the potential compromise of software and services (and not to become paranoid and alienate the company’s vendors). If someone’s phone provider was compromised and listening in on conversations, it would be nearly impossible to detect. Individuals would be in the same scenario.

Still, some best practices exist that cybersecurity experts recommend, including the use of computer security threat detection and response technologies. Another approach, at the level of corporate policies, would be to decide to reduce the number of suppliers to facilitate cooperation and control of the tools used.

Tags: Business Risk, Compliance, ransomware, Supply Chain, Systemic Risk
