Before a supply chain can be improved, it must be understood. Rather than attacking a single target directly, an adversary who compromises a shared supplier gains a route into every customer that depends on it. The 2013 Target breach was a supply chain attack: the attackers used credentials stolen from Target's HVAC provider, Fazio Mechanical Services, to gain access. The 2018 Ticketmaster breach and the 2017 NotPetya incident were supply chain attacks as well.

Supply chain attacks are predicted to keep increasing in 2023 and beyond, because they offer a high return on investment for malicious actors. They often target smaller organizations first, since those are less likely to have a mature security program; large organizations should therefore consider requiring their vendors to follow defined security best practices.

Software supply chain attacks are a particular concern because of their large potential blast radius: a single compromised component can affect entire markets. Open source libraries are especially exposed, as they are widely reused to deliver software faster. To defend against these attacks, organizations should know which open source components they are using and maintain software bills of materials (SBOMs).

Physical supply chain attacks are also a possibility, as seen in the Ukraine/Russia conflict and the Colonial Pipeline incident. To protect against these, organizations should review the security policies of every party in the chain and apply compensating controls such as egress filtering.
This Cyber News was published on www.securityweek.com. Publication date: Thu, 02 Feb 2023 12:17:02 +0000