Cybersecurity experts have long been concerned about supply chain attacks, mainly because a single attack on one supplier can trigger a chain reaction that leads to a compromise of the entire supply chain.
Approximately 62% of attacks use malware as the attack technique.
Cybersecurity professionals are probably more aware of malware than the average person. Malware is known worldwide because of how successful it has been, which has made it a universal and ever-evolving threat to computer systems, networks, and organizations.
It is estimated that around 150,000 new variants of malware were discovered by experts in 2019, with the number estimated to have increased to 270,000 by 2020. Because the threat posed by malware grows every year, security teams need to stay up to date on the latest ways to prevent malware attacks within their organizations.
In the wake of the global pandemic, which disrupted many traditional business methods, the workforce became more dispersed. Employees relocated far from the traditional secure enterprise environments in which they would normally conduct business.
Hackers have taken advantage of the resulting large and increasingly vulnerable attack surface during this period of upheaval, launching a record number of software supply chain and ransomware attacks.
Several companies have suffered significantly from recent attacks: SolarWinds and Kaseya from supply chain attacks; Colonial Pipeline, the NBA, and Kia Motors from ransomware.
According to the European Union Agency for Cybersecurity (ENISA), the number of supply chain attacks is estimated to increase fourfold in 2021 compared with 2020. According to research conducted by ENISA, 66% of attacks focus on the target's code in order to steal information.
What is a supply chain attack?
A supply chain is the full set of resources, put together in a system, that allows a product to be designed, manufactured, and distributed. A cybersecurity supply chain consists of hardware, software, and distribution mechanisms that can store and distribute data on a cloud or local system.
Supply chain attacks, an increasingly common type of cyberattack, are a method of infiltrating a company's infrastructure, especially through third-party suppliers who can access sensitive data.
Attackers mainly target software developers, service providers, and technology providers.
Through attacks of this kind, malicious actors have gained access to source code, development processes, or update mechanisms, which they use to spread their malicious code by distributing malware in legitimate programs.
A supply chain attack is one of the most effective methods of introducing malicious software into a target organization, especially if the business is large. Supply chain attacks often rely on the trust between a supplier or manufacturer and its customers, which makes that relationship a weak point.
It can be difficult to envisage how a cyberattack on a software supply chain works, but in general it is a cyberattack that targets the software and service providers within an organization's digital supply chain.
These attacks are primarily designed to breach the security of target organizations by exploiting vulnerabilities in suppliers' systems to gain access to the data within them.
An attack of this kind may damage an organization's reputation, as the attacker may be able to access sensitive data and resources, or disrupt or damage the organization's operations.
Attackers exploit a wide variety of vulnerabilities during supply chain incidents, and their exploitation methods come in many forms. Protecting your business from supply chain threats is becoming increasingly difficult because supply chains can vary greatly from one industry to the next. You must identify the most common attack paths and then deploy a multifaceted defence to combat them.
Supply chain exploits are a serious problem because they have a variety of causes, including a range of vulnerabilities. First, there does not appear to be any unified governance model that brings all stakeholders together in one place: developers, end users, customers, and senior management.
Software supply chain attacks are commonly caused by a weakness in one of the pipelines, services, applications, or software components that form the backbone of the software supply chain. Attacks targeting supply chains are unique in that they typically begin with vulnerabilities found in third-party software, rather than in your company's own applications or resources.
Cyber threats are constantly evolving, so it is important to keep up to date. A system that supports policymakers and practitioners in gathering up-to-date and accurate information about the current threat landscape is essential.
The ENISA Threat Landscape is published annually in response to the need for a comprehensive overview of threat landscapes around the world. Based on publicly available information, these reports provide an independent evaluation of threats, threat agents, trends, and attack vectors over the last nine months.
To interact with the broad range of stakeholders, ENISA established an Ad-Hoc Working Group on Cyber Threat Landscapes to receive advice on methods for drawing cyber threat landscapes, including ENISA's annual Threat Landscape, and to design, update, and review the approach required to do so.
Among the agency's analyses are artificial intelligence and fifth-generation networks, which are recent threat landscapes that the agency has been investigating.
This report aims to identify the nature of the supply chain attacks that are taking place and to examine the possible countermeasures that can be taken against them. ENISA published this report in 2012 and updated it in 2015.