EXECUTIVE SUMMARY:
Ransomware attacks as distributed to and through a supply chain ecosystem evoke a particular kind of fear in the hearts of cyber security professionals. The level of damage associated with ransomware-based supply chain attacks has never been higher. As the threat landscape evolves, logistics companies, software suppliers, and other groups tied into supply chains may need to reappraise and revamp security.
Ransomware supply chain attack examples
When it comes to ransomware and the supply chain, a single breach can have an outsized impact. Think back to the Kaseya event, which affected between 800 and 1500 small-to-medium sized enterprises. Some of these companies were only able to conduct limited operations for weeks.
Previously, the SolarWinds attack enabled hackers to infiltrate as many as 18,000 organizations, including dozens of US government agencies’ digital ecosystems. It remains unclear as to whether the hackers were simply reading emails, exfiltrating intelligence or planting destructive code for future use.
Attacker motivations
Supply chain attacks are financially beneficial for attackers, bringing in much larger sums of money than they would otherwise expect to see from single-target attacks.
Supply chain management strategy: Reducing suppliers
According to a strategic consultancy firm, the average company retains 3,000 suppliers per US $1 billion in spend. Reducing the number of suppliers working with a given organization is possible, and may yield business advantages, but it cannot fully mitigate the potential for ransomware attacks that leverage supply chains as vehicles.
Stopping ransomware-based supply chain attacks
Attackers know that firms often lack expertise around closing supply chain-related security gaps. In some cases, employees lack the skills and capabilities to support requisite security approaches. In stopping ransomware-based supply chain attacks, your organization’s IT security team should be sure to:
- Upskill your IT security team, if needed.
- Conduct thorough risk assessments.
- Map suppliers and processes.
- Speak with security experts.
- Use endpoint detection.
- Leverage AI-based tools that can catch unknown threats.
- Develop incident response plans.
- In the event of a security incident, notify partners or customers quickly.
- Create a culture of continuous improvement.
Prevention and defense: In-depth
Organizations are often tempted to argue that they lack the resources to invest in adequate cyber security. Comprehensive cyber security can be expensive, time consuming to implement and can slow productivity. However, the cost associated with a ransomware attack that affects a supply chain can be much higher. Ransomware attacks that affect the supply chain can paralyze hundreds or thousands of companies simultaneously. Don’t be the catalyst.
If your organization does not make a concerted effort to plug supply chain security gaps, you could be leaving your doors (and those of your partners and clients) open to cyber criminals.
Supply chain security resources
To continue building reliable, new supply chain management processes for the digital age, please see the following resources:
- 10 extremely effective ways to prevent supply chain attacks
- Invisible malicious source code, sneaking through the software supply chain
- 4X increase in supply chain attacks, experts worried
- Blockchain for business: Approaches to risk management
Lastly, to receive cutting-edge cyber security news, insights, best practices and analyses in your inbox each week, sign up for the CyberTalk.org newsletter.