EXECUTIVE SUMMARY:

The term ‘supply chain attack’ is not new. But with the recent attack that planted malware in CCleaner, the free, downloadable computer cleanup tool, the term suddenly started to gain more visibility.

In a nutshell, a ‘supply chain attack’ is the attempt to take advantage of a trusted relationship between businesses and/or businesses and customers in order to execute some kind of cyber attack.

As Lucian Constantin reports in Motherboard, “Attackers always try to choose the path of least resistance, but if that gets blocked, they adapt and find the next best way to reach their goal, even if it takes a bit more effort. It seems that we’re now entering the age of software supply chain attacks, a dangerous threat that takes advantage of the inherent trust between computer users and their software providers. And it’s not an easy problem to fix.”

Read the full story in Motherboard.