Some organisations lack the necessary tools, resources, or expertise to tackle the increasing day-to-day threat posed by cyber criminals whilst continuing to focus on their strategic priorities. Others may simply fail to carry out check-ups because they trust their software providers to do this, or do not maintain regular patching processes. Unfortunately, it is these vulnerabilities that threat actors will always look to exploit.
Cyber criminals will take advantage of any opportunity to infiltrate an organisation’s network and access its most critical assets, using the confidentiality of those assets as leverage.
Security assurances given by vendors do not necessarily protect you from a data breach. Criminals are always on the lookout for organisations that show even the slightest negligence in their systems or processes. So, the big question to ask is: what would happen if you were the next victim?
Supply chain attacks seek to infiltrate your systems through a connected external partner or supplier. Rather than directly attacking a specific company, less secure connected systems are targeted.
In this form of attack, a criminal hacker or state-sponsored entity slips code or another malicious component into a company’s software or hardware. These attacks use the legitimate software and hardware as a backdoor channel to gain access to an organisation’s information without authorisation.
Attacks on weaker systems are easier for criminals, and once inside the chain they are less noticeable than a direct hack into an organisation’s own network. Hackers look to gain access to information through source code, build processes, or update mechanisms, infecting this legitimate software or platform with malware.
Some attacks, carried out for monetary gain, indiscriminately target any organisation that uses the software, and because of the methods used in supply chain attacks the number of victims can be huge. Others will intentionally target a specific organisation further along the supply chain from the initial entry point.
Threat actors look for unsecured networks, unprotected servers, or unsafe coding techniques in an organisation’s supply chain. This includes:
These are just some of the ways that cyber-criminals can gain access to your supply chain. Many are using updated hacking techniques and known vulnerabilities that haven't been patched, looking further down the supply chain for weaker, less secure networks.
Maintaining thorough security process reviews can help to mitigate risks associated with supply chains.
Vendors who do not follow best practices and security protocols are less likely to notice infected code in their systems before releasing it into circulation. The number of potential victims is countless, especially with open-source and wide-reaching service providers, such as SolarWinds. Hackers will then attempt to cash in on the campaign by demanding ransoms from their victims, or by stealing their sensitive and/or valuable data.
Supply chain attacks involve continuous hacking and infiltration into a firm’s software or hardware through different methods, including:
Once access is gained to a connected system, some of the attack types can include:
A malware attack occurs when malicious software such as spyware executes unauthorised actions in an organisation’s network. This software allows hackers into the system and its contents. They can then access data, restrict file access, or disable the software’s operations.
91% of all cyber attacks begin with a phishing email. Phishing is a social-engineering strategy where the hacker sends a malicious message to trick people into revealing their sensitive information, typically login credentials and personal data.
A man-in-the-middle attack is essentially eavesdropping. When a compromised user communicates anything, the criminal can intercept the message without the victim knowing it. Cyber criminals can then use this information for extortion or blackmail.
Unlike all the other methods used in cyber-hacking, this method doesn’t breach the security perimeter but rather works to deny access to a system’s services. It involves using multiple online connected devices, collectively known as botnets, which overwhelm a specific website with fake traffic, making the website unavailable to legitimate users. These attacks can also be used to cover up malicious activities running in the background.
This is where SQL queries are injected into an application. The injected SQL commands affect the execution of the application’s predefined SQL commands. Attackers can then spoof identities, tamper with existing data, and cause repudiation issues.
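The identity spoofing described above, shown as an added example (not code from the original article): a login lookup built by string concatenation beside its parameterised form. The in-memory SQLite table, the function names and the sample values are all constructed assumptions.

```python
import sqlite3

def make_db():
    """Build an in-memory user table (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, pin TEXT, role TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "4821", "admin"), ("bob", "7355", "staff"),
         ("o'neil", "1111", "staff")],
    )
    return db

def login_concatenated(db, name, pin):
    """Vulnerable form: input is pasted into the predefined statement."""
    sql = f"SELECT name, role FROM users WHERE name = '{name}' AND pin = '{pin}'"
    return db.execute(sql).fetchone()

def login_parameterised(db, name, pin):
    """Hardened form: input is bound as data and cannot alter the statement."""
    sql = "SELECT name, role FROM users WHERE name = ? AND pin = ?"
    return db.execute(sql, (name, pin)).fetchone()

# Constructed input: the quote closes the string literal and the comment
# marker discards the PIN check, so the predefined statement changes meaning.
CRAFTED_NAME = "alice' --"

if __name__ == "__main__":
    db = make_db()
    # Concatenated query returns alice's row although the PIN is wrong.
    print("concatenated :", login_concatenated(db, CRAFTED_NAME, "wrong"))
    # Parameterised query treats the whole string as a (non-existent) name.
    print("parameterised:", login_parameterised(db, CRAFTED_NAME, "wrong"))
    # A legitimate name containing a quote only works when bound as data.
    print("o'neil bound :", login_parameterised(db, "o'neil", "1111"))
    try:
        login_concatenated(db, "o'neil", "1111")
    except sqlite3.OperationalError as exc:
        print("o'neil pasted:", exc)
```

The syntax error raised for a legitimate name containing a quote is a useful signal in review and logs: it indicates that input is reaching the SQL parser as code rather than as data.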
Cyber criminals can manipulate a vulnerable website so that it sends unauthorised scripts to the victims, enabling advanced attacks.
Most of the above-mentioned attacks and techniques have been in use for years, so how are they of use to third party actors? By corrupting vendors, backdoor entry can be gained into dozens, if not hundreds, of potential victims due to lateral movement.
Supply chain attacks have been among the most common cyber-attacks globally in recent years. Some examples include:
The techniques and channels used by cyber-criminals vary, but the most common avenues include:
There are numerous other threat areas that business owners and institutions must consider, but these are some of the most common methods and examples of recent successful supply chain attacks.
No one can guarantee a way to completely block potential cyber-attacks. However, an integrated approach to cyber-security can help to minimise the possibility of an attack and the harm that a successful attack can do. The significant challenge in building a foolproof cybersecurity defence is that cyber-attack tactics and threats are ever-evolving.
Celerity’s Simulated Cyber Attack helps to mitigate such issues by routinely examining and testing security networks for vulnerabilities, whilst a Managed SIEM can give organisations full visibility of cyber threats as they occur, leading to quicker remediation.
The basic requirements of all supply chain partners:
While it takes considerable time, effort, and finances to acquire and maintain supply chain IT solutions, it is equally important to invest in security.
The cost of regular testing, installing significant security controls, and out-tasking a managed threat monitoring solution is massively outweighed by the extensive damage that a successful supply chain attack could do.