Criminal hackers employ various tactics to get into an organization’s technology infrastructure. One of the indirect ways is via supply chain attacks. While the organization might have robust cybersecurity controls built in, the hackers might use the organization’s supply chain in this case to break in. The entry into the organization via suppliers or partners or any others in the supply chain is the modus operandi of a supply chain attack.
How is it possible?
1. Using the weakest link in the supply chain
2. Injecting malware into one of the supply chain links
3. Exploiting known vulnerabilities
4. Introducing counterfeit hardware into the supply chain
The impact of a supply chain attack could be serious resulting in:
1. Unauthorized access to sensitive information
2. Intellectual Property losses
3. Service disruption
4. Lost reputation and customers
5. Financial loss
While the impact seems worrisome, there are ways to prevent supply chain attacks as well:
1. Employing detailed risk assessments of the supply chain
2. Vendor assessments
3. Follow security best practices such as encryption, digital signatures
4. Establish the process for ensuring an authentic supply of hardware and software
Youtube: https://youtu.be/w0qo7sBBAK4
Comments