Today’s supply chain attacks are much more organised and finely targeted, and companies need a strategic approach to maintain visibility of threats and protect themselves, writes Phil Ashley, Director of Crossword Labs at Crossword Cybersecurity.
Over one third (39%) of businesses reported cyber security breaches or attacks in the last 12 months according to the UK government’s latest Cyber Security Breaches Survey, and the proportion is even higher among medium (65%) and large (64%) businesses. Since the customers and suppliers of a breached business of any size will inevitably be affected, most attacks could be defined as supply chain attacks.
Supply chain attacks target an organisation by exploiting weak links in its supply network. They typically involve a sustained intrusion into a supplier's or partner's network, using that foothold to reach the target firm's own network and cause disruption or outages. A single compromised supplier can trigger a chain reaction across an entire network of providers.
The basic initial access method, tricking a user into opening a malicious attachment or clicking a web link that delivers malware into the organisation, has been used for a long time. In the past this was done with more of a ‘hit and hope’ strategy for smaller potential gains. Today these campaigns are far more organised and finely targeted, often with state-sponsored motives at play, as the heightened risks arising from the war in Ukraine demonstrate.
This more organised and targeted threat demands an equally strategic and organised response, so that companies protect themselves and maintain visibility of threats wherever they sit within a supply chain.
Are you being watched?
In a targeted supply chain attack the organisation is often monitored long before the attackers make themselves known. The intrusion begins when an employee opens a file or clicks a link. Once the corporate network is compromised, the attackers conduct surveillance and select further targets over weeks or even months. This reconnaissance lets them refine and design a more substantial attack that delivers the rewards they seek.
Proactive approach to cyber security
More than ever, organisations need to embed their approach to cyber security in a way that takes the complete supply chain into account. Human error, such as clicking on a link and inadvertently handing information to a third party, will always be the weakest point in a company and can never be fully eliminated.
Cross-company strategies are needed that bring together procurement, IT, training, HR and operations to create policies, processes and a culture that put cyber security at the heart of every role. From a technical standpoint, organisations should employ technology that continuously monitors their security posture, detecting and analysing anomalous behaviour that may indicate a cyber security incident.
The same approach should be taken when assessing third parties. Every company should have supply chain assurance processes in place that allow third parties to be assessed quickly and consistently, not only at the point of onboarding but at regular intervals throughout the relationship.
By taking a proactive, cross-company approach to cyber security, companies minimise the risk of a successful attack.