
How to Minimise the Risk of Supply Chain Attacks

Supply chain attacks aren’t particularly new but as we’ve seen from the recent SolarWinds breach, these attacks can be devastating and have far-reaching consequences.

Recent reports suggest that 50% of all cyberattacks now target the supply chain, and within the last year, supply chain attacks grew by 430%.

Supply chains are a vital part of business operations, but these networks are often large and diverse, and they span a range of different countries. Smaller suppliers typically won't have the same robust cybersecurity defences in place as the organisation they serve, which gives attackers plenty of weak points to exploit.

Why are supply chain attacks increasing?

The growing volume and severity of cyber attacks has prompted many organisations to invest heavily in cybersecurity. This tightening of defences has meant that hackers have had to become more creative in their attack methods and find new ways to infiltrate their primary target. The supply chain has provided hackers with an easy way to compromise much larger organisations.

There is also an inherent difficulty in detecting supply chain attacks. Many of them work by inserting a backdoor into a legitimate software product or one of its updates, so the malicious code arrives through a trusted, often digitally signed, channel and behaves like normal vendor activity. That disguise is what lets it slip past traditional cybersecurity defences.

Major supply chain attacks

Some of the biggest cyber-attacks in recent history have resulted from third-party breaches. In late 2013, US retailer Target suffered a huge data breach after the network credentials of one of its third-party vendors, a heating and ventilation contractor, were stolen. Attackers used this trusted connection to infiltrate the company's network and steal the payment card data of over 40 million customers.

In 2018, British Airways suffered a data breach through a similar method, exposing the personal data of over 500,000 customers. The attack was highly targeted: malicious JavaScript was planted in a script used by the airline's payment page, silently copying the card details customers typed into the genuine site and sending them to a domain controlled by the attackers.

One of the most notable and sophisticated supply chain attacks to date is the recent SolarWinds cyberattack. Although the breach came to light in December 2020, the hack is thought to have begun back in March 2020, when hackers injected malicious code into the build process of the company's Orion network monitoring platform, so that the backdoor shipped inside SolarWinds' own signed updates.

The trojanised updates were downloaded by up to 18,000 customers, including the US Treasury, Commerce, State, Energy, and Homeland Security departments, as well as multiple Fortune 500 companies including Microsoft, Intel, Cisco, and Deloitte.

The malicious code created a backdoor into each customer's IT systems. The attackers used it selectively, installing further malware only on the networks they were interested in, which allowed them to spy on different companies and organisations for months.

Details of the attack are still emerging, but the sheer scale and complexity of the breach demonstrates just how damaging supply chain attacks can be and how far-reaching an impact they can have.

How to prevent supply chain attacks

As supply chain attacks become more sophisticated and prevalent, it’s essential that businesses take the right steps to reduce risk. Below are some practical steps your organisation can take:

1. Vet your supply chain

Taking the time to evaluate the security and privacy policies of all your suppliers can reduce the likelihood of a breach by 20%. Third-party suppliers should not be granted access to your network until you have fully vetted their current security practices. This should cover technical security controls as well as governance, risk, and compliance processes. By gaining full visibility of the risks posed by each supplier, your organisation can implement the right controls and processes and respond quickly and effectively if a supplier is breached.

2. Regular audits

Gaining access to sensitive data is often the primary motive behind a supply chain attack. With this in mind, you should be taking all the necessary steps to protect your data by finding out where it resides and who has access to it. This will show how interconnected you are with your suppliers and which data and systems you share. In addition to auditing your own network, you should also be auditing your third-party suppliers' activity on a regular basis. This will ensure that everyone is following the appropriate security controls and help identify any vulnerabilities.

3. Understand how supply chains are targeted

To address the risks posed to your business, you will need to gain a better understanding of how hackers could infiltrate your organisation. Attackers are becoming more creative in their attempts to compromise supply chains, but a large number of incidents can still be traced back to two things: the theft of legitimate credentials, which are then used to access the main target's network, and the exploitation of unpatched software. Knowing this helps inform your response to attacks and identifies the areas that could be improved, such as awareness training, regular software updates, and patching.

4. Third-party management and monitoring

It's essential to regularly monitor and review activity between your organisation and third-party suppliers, and to compare it against what each supplier is actually contracted to do. This will help identify any unusual or suspicious activity, such as a vendor account reaching systems outside its remit, logging in at odd hours, or connecting from an unfamiliar network. Logging authentication and access events on network devices and endpoints, and retaining those logs, will make it easier to detect such anomalies and will prove invaluable in the event of a breach.
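As an added example covering steps 2 and 4 (this is not code from the original post or from MetaCompliance), the script below compares third-party access events against a vendor register. The log format, the register, and every account name, hostname and IP address in it are constructed for illustration; in practice the register would come from your supplier vetting and access audit, and the log from a VPN gateway or identity provider.

```python
"""Review third-party access against what each supplier is contracted to do.

Added example for this post (not MetaCompliance code). The log format,
vendor register and all names, hosts and addresses below are constructed
for illustration.
"""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass
from datetime import datetime, time

# Constructed vendor register: the accounts each supplier may use, the hosts
# they are contracted to reach, their expected working hours and the source
# networks they connect from. This is the output of vetting and auditing,
# not something derived from the log itself.
VENDOR_POLICY = {
    "hvac-svc": {
        "hosts": {"bms-01", "bms-02"},
        "hours": (time(7, 0), time(19, 0)),
        "networks": [ipaddress.ip_network("203.0.113.0/24")],
    },
    "mon-svc": {
        "hosts": {"orion-01"},
        "hours": (time(0, 0), time(23, 59, 59)),
        "networks": [ipaddress.ip_network("198.51.100.0/24")],
    },
}

# Constructed log lines from a hypothetical third-party VPN gateway, so every
# account that appears here should also appear in the vendor register.
SAMPLE_LOG = [
    "2021-03-02T08:15:00 user=hvac-svc src=203.0.113.10 host=bms-01 action=login",
    "2021-03-02T23:40:00 user=hvac-svc src=203.0.113.10 host=bms-01 action=login",
    "2021-03-03T02:05:00 user=hvac-svc src=198.18.0.7 host=pos-db-01 action=login",
    "2021-03-03T10:00:00 user=mon-svc src=198.51.100.5 host=orion-01 action=login",
    "2021-03-03T10:02:00 user=ex-contractor src=198.51.100.9 host=fileshare-01 action=login",
]


@dataclass
class Event:
    ts: datetime
    user: str
    src: ipaddress.IPv4Address | ipaddress.IPv6Address
    host: str
    action: str


def parse_line(line: str) -> Event:
    """Parse '<ISO timestamp> key=value ...' into an Event."""
    ts_str, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs)
    return Event(
        ts=datetime.fromisoformat(ts_str),
        user=fields["user"],
        src=ipaddress.ip_address(fields["src"]),
        host=fields["host"],
        action=fields["action"],
    )


def check(event: Event, policy=VENDOR_POLICY) -> list[str]:
    """Return the policy deviations for one event (empty list if none)."""
    rules = policy.get(event.user)
    if rules is None:
        # An account the register does not know about is the most urgent
        # finding: a leaver, a shared credential, or a stolen one.
        return ["unregistered-account"]
    findings = []
    if event.host not in rules["hosts"]:
        findings.append("out-of-scope-host")       # reaching beyond the contract
    start, end = rules["hours"]
    if not start <= event.ts.time() <= end:
        findings.append("out-of-hours")
    if not any(event.src in net for net in rules["networks"]):
        findings.append("unknown-source-network")  # credentials used from elsewhere
    return findings


def analyse(lines, policy=VENDOR_POLICY) -> dict[int, list[str]]:
    """Map 1-based line numbers to their findings; clean lines are omitted."""
    report = {}
    for n, line in enumerate(lines, start=1):
        if not line.strip():
            continue
        findings = check(parse_line(line), policy)
        if findings:
            report[n] = findings
    return report


if __name__ == "__main__":
    for n, findings in analyse(SAMPLE_LOG).items():
        print(f"line {n}: {SAMPLE_LOG[n - 1]}\n    -> {', '.join(findings)}")
```

Run against the constructed log, the first and fourth lines are clean, the second is flagged as out of hours, the third trips all three checks (an HVAC account reaching a point-of-sale database at 02:05 from an unknown network is exactly the Target pattern), and the fifth is an account that no supplier is registered for. The point is that the checks need the register from steps 1 and 2 to be meaningful: without an agreed scope per supplier there is nothing to compare the log against.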

5. Form an incident response plan

It’s no good waiting until an attack happens before forming a response plan. To effectively deal with any incident that may arise, your organisation should have an incident response plan in place that will address the full range of incidents that could occur and set out appropriate responses. The supporting policy, processes, and plans should be risk-based and cover any regulatory reporting requirements. Third-party suppliers should also have an incident response plan in place so they can respond quickly to an attack and mitigate any potential risk to your business.

6. Cybersecurity awareness training

Every employee within your organisation needs to understand how data breaches can occur and how they can help identify threats and prevent attacks. Awareness training should educate staff on all aspects of security, including company policies, password security, and social engineering attack methods. By gaining a better understanding of these threats, employees will be able to react quickly in the event of an attack and help protect your organisation's systems and data.
