Cyberattacks on supply chains continue to increase as criminals and state-sponsored hackers look for vulnerable prey. As the SANS Institute points out in a recent report on successful patterns for supply chain security, a number of high-profile incidents demonstrate the importance of creating or upgrading supply chain security.
- In April, Wipro, an outsourcer for many US companies, had its trusted networks compromised and used by threat actors to launch cyberattacks on the Indian firm’s customers.
- In May, Adobe’s Magento e-commerce platform and other third-party services in more than 7,000 business applications were compromised, resulting in the theft of passwords and other sensitive information from a number of companies, including Ticketmaster.
- In May, a third-party contractor exposed sensitive credentials to the internal servers of the Universal Music Group, putting at risk sensitive information stored on those servers.
- In July, the UK’s Information Commissioner imposed a $230 million fine on British Airways — 1.5% of its 2017 net sales — after a malware infection at the airline’s website and on its app diverted sensitive information of about 500,000 customers to a malicious website.
“Supply chain security became more important to CISOs about four years ago when cybercriminals started going after the supply chain as a way of getting to a main target,” explains SANS Director of Emerging Trends John Pescatore, author of the report. He says that supply chain security has gained more notoriety recently because Russian and Chinese attacks on supply chains have stoked media interest in the subject.
“Threat actors increasingly prefer exploiting the defenses of third-party vendors and subcontractors because oftentimes these entities are leaving their door ajar to hackers,” adds Armond Çaglar, a principal at the Liberty Advisory Group, a consultancy based in Chicago.