Supply chain attacks are engineered by attackers to make victims wonder: how safe are my devices, really? There have been a number of these insidious and clandestine attacks upon devices and programs from perpetrators throughout the world. While scary, these attacks can be detected as they’re occurring—and even prevented. So “what is a supply chain attack”, and how can you defend your organization and customers against these massive new cybersecurity threats?
A supply chain attack is when an attacker inserts harmful code or physical components into software or hardware made by a trusted brand. The goal of these sorts of maneuvers isn’t to compromise the individual who is directly attacked in the situation. Rather, it’s to plant a seed which can act as a catalyst to infect machines that come into contact with the compromised program or device—and that can be anywhere along the supply chain, hence the name. In doing so, attackers are able to spy on (and steal information from) potentially hundreds of thousands of unknowing victims.
These kinds of attacks are so insidious because of the nature of their targets—namely, products by well-respected brands in technology that have been audited for security before their release. Take SolarWinds, for example. This IT infrastructure and network management firm was unknowingly the victim of an attack in October 2019, when hackers believed to be directed by the Russian intelligence agency SVR interfered with software update version 2019.4.5200.8890 of the company’s network-monitoring tool, Orion. In doing so, the attackers planted the .NET class necessary to host malicious backdoor code planted as part of Orion’s update version 2019.4.5200.9083.
As a result, anyone—whether on a personal or company machine—installing those particular Orion updates had unknowingly allowed a Russian backdoor into their technological ecosystem. This cyberattack approach violated the security of companies such as FireEye, but also the US Commerce, Treasury, Homeland Security, and Energy departments. All this is to say that the answer to the question of what is a supply chain attack is simple: it’s no joke.
Having answered the important question of what a supply chain attack is, it’s now essential to understand how you can defend against this modern, dangerous threat to cybersecurity. Some actions you and your organization can take to prepare for software supply chain attacks include:
In the unfortunate event that you or someone at your organization discover a supply chain attack has occurred, there are measures that can be taken to combat the attack before it does any significant damage:
It’s also important to be open and honest when updating customers about supply chain attacks that may impact them. By sharing accurate and timely information as it’s available, you can demonstrate that your organization takes customers’ data security seriously.
SiteLock offers powerful website security solutions, such as daily site scans, automated malware removal, and vulnerability patching. With SiteLock on your side as your website security provider, you know your site is secure and safe end-to-end.
Now that you know how to secure your company’s supply chain against vicious cyberattacks, learn what ransomware is, and how it works.