Supply Chain Attacks Upend Company Security

Supply chain attacks are engineered by attackers to make victims wonder: how safe are my devices, really? There have been a number of these insidious and clandestine attacks upon devices and programs from perpetrators throughout the world. While scary, these attacks can be detected as they’re occurring—and even prevented. So “what is a supply chain attack”, and how can you defend your organization and customers against these massive new cybersecurity threats?

What Is A Supply Chain Attack?

A supply chain attack is when an attacker inserts harmful code or physical components into software or hardware made by a trusted brand. The goal of these sorts of maneuvers isn’t to compromise the individual who is directly attacked in the situation. Rather, it’s to plant a seed which can act as a catalyst to infect machines that come into contact with the compromised program or device—and that can be anywhere along the supply chain, hence the name. In doing so, attackers are able to spy on (and steal information from) potentially hundreds of thousands of unknowing victims.

These kinds of attacks are so insidious because of the nature of their targets—namely, products by well-respected brands in technology that have been audited for security before their release. Take SolarWinds, for example. This IT infrastructure and network management firm was unknowingly the victim of an attack in October 2019, when hackers believed to be directed by the Russian intelligence agency SVR interfered with software update version 2019.4.5200.8890 of the company’s network-monitoring tool, Orion. In doing so, the attackers planted the .NET class necessary to host malicious backdoor code planted as part of Orion’s update version 2019.4.5200.9083.

As a result, anyone—whether on a personal or company machine—installing those particular Orion updates had unknowingly allowed a Russian backdoor into their technological ecosystem. This cyberattack approach violated the security of companies such as FireEye, but also the US Commerce, Treasury, Homeland Security, and Energy departments. All this is to say that the answer to the question of what is a supply chain attack is simple: it’s no joke.

How Do I Detect A Software Supply Chain Attack Before It Happens To Me?

Having answered the important question of what a supply chain attack is, it’s now essential to understand how you can defend against this modern, dangerous threat to cybersecurity. Some actions you and your organization can take to prepare for software supply chain attacks include:

• Develop processes and strategies to ensure a safer use within your software product lineup

• Enable endpoint detection and response solutions to recognize and address any suspicious activities

• Establish code integrity policies allowing only authorized programs to run on your network

• Develop a comprehensive asset inventory to fully understand the flow of data throughout your organization

What Can I Do To Prevent And Combat Software Supply Chain Attacks Once They’re Discovered?

In the unfortunate event that you or someone at your organization discover a supply chain attack has occurred, there are measures that can be taken to combat the attack before it does any significant damage:

• Segment the network to prevent vulnerabilities and exploits from affecting other devices

• Establish a comprehensive incident response approach tailored to your organization’s needs and technology

• Restrict all connections to those on an approved list to ensure that critical devices won’t become infected by the attack

• Employ robust network defenses and monitoring to identify any abnormalities and restrict unsanctioned data flow

• Enact a full security impact analysis to learn how the attack happened, which components were affected, and how to mitigate these faults in the future

It’s also important to be open and honest when updating customers about supply chain attacks that may impact them. By sharing accurate and timely information as it’s available, you can demonstrate that your organization takes customers’ data security seriously.

SiteLock Secures And Protects Websites Against Harmful Attacks

SiteLock offers powerful website security solutions, such as daily site scans, automated malware removal, and vulnerability patching. With SiteLock on your side as your website security provider, you know your site is secure and safe end-to-end.

Now that you know how to secure your company’s supply chain against vicious cyberattacks, learn what ransomware is, and how it works.