Sciextor

Supply Chain Attacks

A supply chain attack is a type of cyberattack that targets a trusted third-party vendor who offers services or software vital to the supply chain.

The attacker exploits the vendor’s access or product to compromise the security or functionality of the vendor’s customers or partners. Supply chain attacks can affect various types of assets, such as software, hardware, data, or networks

Supply chain attacks are on the rise because they can bypass the traditional defenses of the target organizations and cause widespread damage or disruption.

Some statistics on Supply Chain Attacks are

• Supply chain attacks rose by 42% in the first quarter of 2021 in the US, impacting up to seven million people
• In 2022, around 11 million customers were affected in supply chain cyber attacks worldwide - a far cry from the annual peak of over 263 million impacted customers in 2019. In the first quarter of 2023, over 60 thousand customers reported to be impacted by supply chain attacks
• The average dwell time for supply chain attacks is 63 days, meaning that attackers can remain undetected in the compromised systems for over two months
• The average cost of a supply chain attack is $4.2 million, which is 50% higher than the average cost of a data breach
• The most common types of supply chain attacks are software supply chain attacks (29%), hardware supply chain attacks (23%), and cloud supply chain attacks (21%)
• The most targeted industries by supply chain attacks are software and technology (28%), manufacturing (16%), and healthcare (15%)
• The most common attack vectors for supply chain attacks are phishing (31%), web application attacks (24%), and ransomware (17%)

What can you do

• Implement policies and procedures that define what constitutes a supply chain attack, how to report suspicious behavior, and what are the consequences for violating the rules
• Use access control mechanisms to limit the access privileges of users to the minimum necessary for their roles and responsibilities. Review and revoke the access rights of users who leave the organization or change their positions
• Use data loss prevention tools to monitor, detect, and prevent the unauthorized transfer, modification, or deletion of sensitive data. Encrypt, backup, and secure your data in transit and at rest
• Conduct regular audits and reviews of user activity logs, network traffic, and system configurations to identify and investigate any anomalies or deviations from the baseline
• Provide security awareness and training to your employees, contractors, and partners on the risks and best practices of supply chain attack prevention and protection. Educate them on how to avoid common mistakes, such as clicking on phishing links, using weak passwords, or sharing confidential information