The rise of communication networks, the Internet of Things or digital weapons have opened the door to new threats for companies such as cyber-attacks.
In fact, the supply chain has become one of the main targets for cybercriminals. 82% of companies feel threatened along this process but, despite this vulnerability, only 43% respond to this challenge with a risk assessment of their suppliers or their software supply chain.
A low percentage, considering that the most effective way to address this new challenge is to carefully analyze and evaluate suppliers to ensure that they are secure, as well as to assess the ability of these suppliers to generate potential insider threats.
Companies focus on their own security and at best on potential external threats and overlook that the danger may come from their own suppliers.
What is a cyber attack on the supply chain?
A supply chain attack is when a cybercriminal gains access to a company’s network through its suppliers or supply chain. As these are very complex and far-reaching, attacks are very difficult to trace.
Companies typically work with dozens of suppliers, material suppliers, technology suppliers and even external workers.
It is therefore essential to protect our supply chain by ensuring that the companies we work with are firmly committed to security.
We must not forget that this type of attack can cause catastrophic damage in the short, medium and long term, and if suppliers do not have strict security measures in place, they are even more difficult to prevent and detect.
Typically, supply chain attacks consist of sending a virus or other malware through a supplier or vendor. The following examples can help us better understand what this threat is:
- Hardware attacks. They rely on physical devices.
An example would be a keystroke logger located on a USB drive, it can reach a large retail company and there record keystrokes to get hold of passwords for specific accounts. - Software attacks. They only require a compromised application or a piece of software to send malware throughout the supply chain.
They usually target the source code of an application by sending malicious code to this trusted application or software system.
Cybercriminals typically target software or application updates, which serve as an entry point. - Firmware attacks. Malware is inserted into the boot code of a computer and within a second the attack has been developed.
When the computer starts up, the malware is executed, putting the entire system at risk.
These attacks are extremely damaging because they are very fast and difficult to detect.
How to reduce the risk of cyber-attacks
Experts recommend, as a basic premise, increasing vigilance to identify and correct vulnerabilities in information systems through security updates, as well as running an inventory of interconnections with customers and partners to ensure monitoring.
In the case of suspicion of the organization itself, a supplier or a customer, it is advisable to use known indicators of compromise and log user activity to track lateral movement and conclude whether the organization is affected.
It is also critical to update or clean up the IT estate so that hosts and credentials are secure and if possible, develop a list of critical or attack-prone vendors and suppliers.
Other concrete steps to reduce supply chain attacks could include:
- Privileged Access Management (PAM) solutions. Giving IT administrators complete visibility into vendor access and password practices helps prevent attacks by cybercriminals.
In addition, it gives us the ability to enforce password security rules across the enterprise and can help us prevent vendors from accessing anything that is not strictly necessary for their work. - Invest in SOC (Security Operations Center) analysts.
They will closely monitor the company’s cybersecurity infrastructure to identify any problems or gaps in protection.
They also react to and combat any threats, analyze their effects and work to improve the system. - False attacks. One team creates a fake attack to simulate a real threat to which another team will have to react.
This way we can identify how the threats work and whether the company’s cybersecurity model is strong enough to stop them. - Training. Cybersecurity must be a fundamental part of the company’s training program.
Every employee must understand the importance of ensuring this security and their fundamental role in protecting their company. - Contingency plans. In the event that a vendor is compromised or compromises the system, it is essential to have a contingency plan in place.
On the other hand, risk models can foresee and show potential threats that may arise from the company’s vendors or suppliers.
Asmen is a company specialized in integral express transport services with direct presence in Spain, Portugal and Germany.
SCHEDULES
OPEN 24 HOURS A DAY, 7 DAYS A WEEK
ADDRESS
Cheste Circuit Business Park
C/ Alto de las Garberas, 2
46380 Cheste – Valencia
Telf: +34 96 384 10 63
Mobile: +34 687 71 55 69
asmen@asmen.es