North Korean state hackers start targeting the supply chain


Once again, we see that cybercriminals are exploiting vulnerabilities in the supply chain in order to wreak havoc on large enterprises. In this case, the Lazarus hacking group targeted a South Korean think tank through a Latvian IT vendor, reflecting the same strategy that was used in the SolarWinds and Accellion breaches.

These types of cyberattacks drive home the fact that an organization is only as secure as the third parties to which it is connected.

This is why it’s so essential for every organization to have a robust and automated third-party security risk management process in place that assesses and continuously monitors the cyber posture of all suppliers, vendors and business partners.