What are supply chain attacks?

Supply chain attacks are an emerging kind of threat that target software developers and suppliers. The goal is to access source codes, build processes, or update mechanisms by infecting legitimate apps to distribute malware.

How do supply chain attacks work?

Supply chain attacks work by delivering viruses or other malicious software via a supplier or vendor. For example, a keylogger placed on a USB drive can make its way into a large retail company, which then logs keystrokes to determine passwords to specific accounts.

What was the first supply chain attack?

In fact, supply chain attacks were first demonstrated around four decades ago, when Ken Thompson, one of the creators of the Unix operating system, wanted to see if he could hide a backdoor in Unix’s login function.

What is supply chain security risk?

Supply chain security is a broad term that encompasses the efforts to reduce the risk of both external and internal threats such as terrorism, piracy, and theft, both in the real world and in the cyber-space.

What are supply chain attacks by cybersecurity provide examples?

Supply chain attack

• A supply chain attack is a cyber-attack that seeks to damage an organization by targeting less-secure elements in the supply chain.
• The Target security breach, Eastern European ATM malware, as well as the Stuxnet computer worm are examples of supply chain attacks.

Are supply chain attacks popular today?

The attackers explore new potential highways to infiltrate organisations by targeting their suppliers. Moreover, with the almost limitless potential of the impact of supply chain attacks on numerous customers, these types of attacks are becoming increasingly common.

Are supply chain attacks common?

Moreover, with the almost limitless potential of the impact of supply chain attacks on numerous customers, these types of attacks are becoming increasingly common. In order to compromise the targeted customers, attackers focused on the suppliers’ code in about 66\% of the reported incidents.

Was Target a supply chain attack?

Target supply chain attack Target USA suffered a significant data breach after cybercriminals accessed the retailer’s sensitive data through a third-party HVAC vendor.

Why is supply chain security important?

Importance of supply chain security Supply chain security should be a high priority for organizations, as a breach within the system could damage or disrupt operations. Vulnerabilities within a supply chain could lead to unnecessary costs, inefficient delivery schedules and a loss of intellectual property.

What challenge do supply chain attacks and living off the land attacks highlight for organizations?

Both supply chain and living-off-the-land attacks highlight the challenges facing organizations and individuals, with attacks increasingly arriving through trusted channels, using fileless attack methods or legitimate tools for malicious purposes.

What makes the NotPetya attack in Ukraine an example of a supply chain attack?

The devastating NotPetya attack was launched in part via a supply chain attack, when Ukrainian accounting software MeDoc was breached, resulting in a software update release that was laced with malware being pushed to users.