What is a Supply Chain Attack?
A supply chain attack is a type of cyber attack that targets an often less secure third party organization to gain access to a different target or targets. Hackers may plant various malicious code in a third party business that interacts with typically larger, more secure targets and has access to that target’s systems as part of its day to day business.
In essence, by compromising one weak link in a supply chain, attackers potentially gain access to all of that organization’s clients. Other variations could involve simply breaching the less secure organization and stealing clients’ data directly from them.
How to Recognize This Threat: A supply chain attack can affect any type of organization, including financial firms, retailers, and governments to name a few. The SolarWinds attack of 2020 is a recent example, in which attackers planted malicious code in a software update that went out to thousands of SolarWinds’ customers. This then created a method for attackers to access its clients’ data systems. Hackers used the opening to spy on thousands of organizations, from U.S. government agencies to cybersecurity firms. A past high profile example was the Target breach of 2013.
How to Prevent This Threat: Stopping a supply chain attack requires more than simply strengthening your own network’s security protocols. Organizations must be acutely aware of any partners and ensure only those completely essential to operations have access to their data. And beyond that strict access control, organizations should collaborate with partners to ensure there are no weak security links in a supply chain.