For a large majority of the world, the SolarWinds hack in December 2020 was the first real introduction to digital supply chains and their vulnerabilities. But the reality is that hackers increasingly have been vested in software supply chain attacks, which increased 650% from July 2019 to May 2020 alone.
Likewise, data from Netscout’s 2H 2021 Threat Intelligence Report shows that hackers remain laser-focused on attacking the digital supply chain. Specifically, there was a 606% increase in attacks against software publishers from 1H 2021, as well as a 162% increase in attacks on computer manufacturers and a 263% increase against computer storage manufacturing.
When hackers focus so much attention on attacking a particular area, it’s important to understand what it is and how your company can protect against such attacks.
Why Hackers Attack Supply Chains
A supply chain attack enables malefactors to compromise enterprise networks by attacking connected applications or services owned or used by outside partners, such as suppliers. Using the SolarWinds attack as an example, hackers focused their attentions on SolarWinds in order to gain access to a list of lucrative suppliers and customers.
In other words, a supply chain attack may start several companies removed from the intended target, making it harder to spot. Such attacks also are becoming harder to trace because many are carried out using open-source tools that are publicly available.
Perhaps more frustratingly, companies often don’t consider the risk serious enough to protect themselves against it. In a survey of executives from leading companies in the UK, 91% said cyberattacks are a high or very high risk to their business. Nevertheless, nearly a third admit to taking no action on supply chain security, and only 69% say they’re actively managing supply chain risks.
In its November 2021 report on supply chain cybersecurity, the UK’s Department for Digital, Culture, Media & Sport (DCMS) found that the biggest challenges to acting on digital supply chain risks were establishing control of the supply chain (86%) and the need to improve, evolve, and maintain security (85%). Likewise, barriers to effective supply chain cybersecurity risk management included low recognition of supplier cybersecurity risk, limited visibility into supply chains, and insufficient tools for evaluating the cybersecurity risk and limitations of suppliers.
What Happened in 2H 2021?
Although SolarWinds still holds the dubious honor of being the most recognized supply chain attack, threat actors haven’t stopped there. In July 2021, the Russian gang REvil launched a ransomware attack against IT infrastructure management provider Kaseya, demanding payment of $70 million.
Like SolarWinds, Kaseya boasts thousands of clients worldwide, most of which are managed service providers (MSPs) and internal IT organizations. As such, REvil was able to demand ransoms from more than 1,000 companies throughout the campaign.
Gain a better understanding of how digital supply chain attacks can impact your company by downloading the 2H 2021 Threat Intelligence Report.