Cyber attacks carried out by exploiting vulnerabilities in the systems of a victim's supplier are growing. Here's how cybercriminals know how to exploit the weak link in the chain.
The technical term used by experts is: supply chain attack. This type of attack is expected to grow. In 2021, it is expected four times higher than last year. What the ENISA repost highlights is that it is not enough to protect oneself; in fact, in an increasingly interconnected system, the weaknesses of a commercial partner become their own.
When a criminal has gained access to the systems of one company, he can safely monitor the behaviors and systems of another partner company from the inside and collect valuable information, strengthened by the trust between the parties and by exploiting less secure access channels. because friends. Very often, ransomware attacks are just the tip of the iceberg, because to be successful they have crossed other networks and used other vulnerabilities.
Hacker attacks on the supply chain
The situation has worried experts for years. In particular, it concerns the situation of large companies, which usually invest heavily in cyber security and equip themselves with good security measures, but the same cannot be said of the entire chain of service providers and commercial partners. Indeed, since they are mainly small companies they are much more vulnerable and the object of attention by cybercriminals, waiting for a vulnerability to be used to reach the real goal. Thus a single vendor can expose all others to risk: they are well-researched, planned attacks and too often detected very late.
According to recent studies in more than 66% of reported incidents, criminals have targeted a supplier's code to get to the customer. The weak link in the chain.
In April of this year, there was a ransomware attack that hit Quanta, an Apple supplier company, which data on new projects were allegedly stolen. A serious problem, therefore, and we are not talking about small companies. But the supply chain attacks don't stop there. In 2020, the software company Solarwind was attacked, and malicious code was installed in its management system sold worldwide. The result was that 18,000 networks were involved in the attack, including computer systems of US government agencies.