ConnectWise, an IT management software supplier, recently disclosed that it was the victim of a cyber attack attributed to a nation-state threat actor. Risk management services company LexisNexis also confirmed a third-party data leak affecting 360,000 customers, according to a news brief on TechTarget.
If you're running an organization that doesn't have a physical supply chain (you don't manufacture or ship goods), it's easy to assume you're immune to supply chain cyber threats.
In today's interconnected world, however, if your company develops digital products or relies on technology systems and vendors for software to improve efficiency and support innovation, you have a digital (IT) supply chain. And each link in that chain (hardware suppliers, software developers, and cloud service providers) can be attacked.
Knowing the risks that affect digital pipelines is critical to establishing effective cybersecurity strategies for supply chains in the IT ecosystem. In this post, we discuss the key threats that could compromise an entire information technology network and what to do about them.
Ransomware Attacks
The interconnection of tech supply chains and their dependence on timely data exchange make them attractive targets for ransomware. Attackers deliver ransomware through phishing, exposed or vulnerable remote access services, or compromised software and stolen credentials. Once inside, the operator typically disables security tooling, locates critical files, and encrypts them. Many variants also delete or encrypt backups (shadow copies and backup catalogs, for example) so that victims cannot restore files once the encryption has taken data hostage. When both production files and backups are encrypted, organizations are left with three options: lose the data, recover from an isolated replica backup that the attacker could not reach, or pay the ransom.
Paying the ransom, however, does not guarantee that the data comes back. Recent statistics on ransomware recovery show that only 13% of victims recovered their data after paying. To reduce the risk of ransomware on IT supply chains, organizations should enforce multi-factor authentication (MFA), deploy Endpoint Detection and Response (EDR), patch and update software promptly, and back up all data, keeping at least one copy offline or immutable so it cannot be encrypted alongside production systems. Training employees to recognize phishing also helps, since phishing messages are crafted to look like genuine emails and trick staff into handing over credentials or other sensitive information.
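To make the backup-tampering behaviour described above concrete, here is an added example (not code from the original post) that runs simple detection logic over a few constructed process-creation log lines. The pipe-delimited format, the host names, and the service account are all invented for the example; the command lines themselves (shadow copy deletion, backup catalog deletion, disabling Windows recovery) are the well-known steps ransomware takes before encryption so that victims cannot restore from local backups.

```python
"""Detecting ransomware backup-tampering precursors in process-creation logs.

Added example, not code from the original post. The pipe-delimited log format
below is a constructed simplification of a Windows process-creation event
(Sysmon Event ID 1 / Security Event 4688); adapt parse_line() to a real source.
"""
import re
from collections import defaultdict
from dataclasses import dataclass

# Command lines that ransomware typically runs before encryption to destroy
# restore points and backups, or to stop the endpoint security service.
# These are widely documented precursors; tune them to your environment.
PRECURSOR_PATTERNS = [
    ("shadow_copy_delete", re.compile(r"\bvssadmin(\.exe)?\s+delete\s+shadows", re.I)),
    ("shadow_copy_delete", re.compile(r"\bwmic(\.exe)?\s+shadowcopy\s+delete", re.I)),
    ("backup_catalog_delete", re.compile(r"\bwbadmin(\.exe)?\s+delete\s+catalog", re.I)),
    ("recovery_disabled", re.compile(r"\bbcdedit(\.exe)?\b.*\brecoveryenabled\s+no\b", re.I)),
    ("security_service_stop", re.compile(r"\bnet1?(\.exe)?\s+stop\s+\"?(windefend|sense)\b", re.I)),
]


@dataclass(frozen=True)
class Alert:
    ts: str
    host: str
    user: str
    technique: str
    cmdline: str


def parse_line(line: str):
    """Split 'ts|host|user|image|cmdline' into a dict; return None on malformed input."""
    parts = line.rstrip("\r\n").split("|", 4)
    if len(parts) != 5:
        return None
    ts, host, user, image, cmdline = parts
    return {"ts": ts, "host": host, "user": user, "image": image, "cmdline": cmdline}


def detect(lines):
    """Return one Alert per log line whose command line matches a precursor pattern."""
    alerts = []
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        for technique, pattern in PRECURSOR_PATTERNS:
            if pattern.search(ev["cmdline"]):
                alerts.append(Alert(ev["ts"], ev["host"], ev["user"], technique, ev["cmdline"]))
                break  # one alert per event is enough
    return alerts


def flag_hosts(alerts, min_techniques=2):
    """Hosts showing at least min_techniques distinct precursor techniques.

    A single 'vssadmin delete shadows' can be legitimate admin work; several
    different backup-destruction steps on one host in quick succession is the
    pattern described in the post and warrants an immediate response.
    """
    seen = defaultdict(set)
    for a in alerts:
        seen[a.host].add(a.technique)
    return {host for host, techs in seen.items() if len(techs) >= min_techniques}


# Constructed sample events: three backup-destruction steps on file server FS01
# under a (hypothetical) backup service account, plus benign activity on WS22
# and one malformed line to show the parser skipping it.
SAMPLE_LOG = """\
2025-06-01T02:14:03Z|FS01|CORP\\svc_backup|C:\\Windows\\System32\\vssadmin.exe|vssadmin.exe delete shadows /all /quiet
2025-06-01T02:14:05Z|FS01|CORP\\svc_backup|C:\\Windows\\System32\\wbadmin.exe|wbadmin delete catalog -quiet
2025-06-01T02:14:07Z|FS01|CORP\\svc_backup|C:\\Windows\\System32\\bcdedit.exe|bcdedit /set {default} recoveryenabled no
2025-06-01T02:15:00Z|WS22|CORP\\alice|C:\\Windows\\System32\\vssadmin.exe|vssadmin list shadows
2025-06-01T02:16:11Z|WS22|CORP\\alice|C:\\Program Files\\App\\app.exe|app.exe --sync
malformed line without the expected fields
"""


def run_sample():
    """Run the detector over SAMPLE_LOG and return (alerts, flagged_hosts)."""
    alerts = detect(SAMPLE_LOG.splitlines())
    return alerts, flag_hosts(alerts)


if __name__ == "__main__":
    found, flagged = run_sample()
    for a in found:
        print(f"{a.ts} {a.host} {a.user} {a.technique}: {a.cmdline}")
    print("hosts needing immediate response:", sorted(flagged))
```

Two points worth noting. First, a single match is only a lead: administrators do run `vssadmin delete shadows`, so the correlation in `flag_hosts` (several distinct destruction techniques on one host) is what turns noise into an actionable alert. Second, the detection only helps if the backups themselves are out of the attacker's reach; an alert that fires after an offline or immutable copy has already been safely taken is a recovery plan, while an alert with no such copy is just a notification that you are about to be negotiating.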
Third-party Vendor Vulnerabilities
A survey by SecurityScorecard found that 75% of third-party breaches target the software and technology supply chain, and here is why. IT supply chains involve multiple external parties, each with a different level of cybersecurity maturity. Threat actors exploit the weakest links: the less protected systems of contractors or subcontractors in the chain. After breaching those systems, they gain unauthorized access to customer information such as names, credit card details, and addresses. In the recent LexisNexis incident, for instance, an unauthorized individual accessed customer data through a third-party platform.
Attackers can also exploit a zero-day vulnerability in a vendor's system to inject malware into a network, compromising operations downstream. Organizations can mitigate such risks by assessing how each third party handles data, how it prevents and detects incidents, and whether it complies with the relevant regulatory standards. Regular security audits, ongoing monitoring, and contractual security requirements also reduce third-party exposure.
Lack of Visibility Across Supply Chains
Limited oversight of third-party contractors is another cyber threat to the supply chain. Organizations find it difficult to enforce uniform security measures across a range of third-party vendors because baseline security requirements vary by industry. As Tim Mackey, Black Duck's head of software supply chain risk strategy, explains: there's a level of complexity in risk reduction linked to software supply chains based on the use of AI tools and open-source software (OSS). When organizations treat OSS the same way as AI source code, they ignore the fact that, with OSS, there can be multiple release origins. That said, it is essential for businesses to have robust risk evaluation processes that cover all software origins, even those with which they have no business relationship.
IT or digital supply chains are attractive targets for cyber criminals because of their interconnected nature, and because they carry the critical data attackers need to scale their operations. Common threats to tech supply chains include vulnerabilities on the side of third-party vendors, ransomware attacks, and limited visibility across the supply chain.