What is a supply chain attack (and how to prevent it)


This post was originally published by Edward Kost.

In December 2020, the U.S. government announced that it had fallen victim to what is believed to be the largest security breach in the nation’s history. The breach occurred through an innocuous IT update from the government’s network monitoring vendor, SolarWinds.


This monumental breach exposes a novel and powerful method of clandestinely penetrating even the most sophisticated security defenses through third-party vendors – supply chain attacks.

What is a supply chain attack?

A supply chain attack, also known as a third-party attack, is a data breach through a business’s supply chain network. Vendors require access to sensitive data when they’re integrated with internal systems. If a vendor is compromised in a cyberattack, its clients could also be breached through this shared pool of sensitive data.

Because supply chain attacks occur at an offset attack surface, they’re difficult to detect before it’s too late. And because vendors store sensitive data for multiple clients, a single supply chain attack often results in multiple businesses suffering an intellectual property breach.

Types of supply chain attacks

Software supply chain attacks target either the source code, update mechanism, or build processes of vendor software. A victim could be compromised by any of the following vectors:

  • Third-party software updates
  • Malware installed on connected devices, such as external hard drives, cameras, and phones
  • Application installers

How does a supply chain attack work?

 

Supply chain attacks piggyback on legitimate processes to gain uninhibited access to a business’s ecosystem.

Read more here: https://www.upguard.com/