Norm presents The Forgotten Middle Brochure - Flipbook - Page 8
08
09
Supply Chain Attacks
An increasingly popular form of attack, supply chain or
“value chain” attacks are designed to do exactly as their
name suggests – compromise not only the initial victim,
but their network of customers, suppliers, investors and
partners as well. Again, these attacks vary greatly in
terms of how the initial breach occurred – a malicious
link or attachment sent via email, or an unpatched
vulnerability on a server – but the objective of the hacker
is to use this as the platform from which to attack other,
potentially bigger and more lucrative, organisations in
the chain.
The SolarWinds breach is a high profile example of this
type of attack. Towards the end of 2020 cyber security
company FireEye disclosed that it had become the victim
of a highly sophisticated cyber attack which resulted in
the compromise of some of its Red Team penetration
testing tools.
Phishing
The subsequent investigation revealed that the
breach occurred as a result of a software supply
chain compromise dating back to Spring 2020.
Sometimes the simplest and straightest route is the
most effective, and phishing attacks are a perfect
example of this when it comes to cyber attacks.
FireEye revealed that the compromise was delivered
through malicious updates to the widely used Orion
network monitoring product developed by SolarWinds.
This was a highly sophisticated attack, and it later
emerged that FireEye was one of many public and
private sector organisations affected by the breach.
Phishing, spear-phishing and whaling continue to be
low-cost, high-reward strategies used by hackers and
cyber criminals to gain access to user credentials.
A modest email with a suitably enticing link or attachment
is often all it takes for an unsuspecting user to take
action, inadvertently inviting the perpetrator to harvest
personal data, withdraw money and/or extract personal
and potentially sensitive data to sell to other malicious
actors.
The reason that these types of attack are of particular
concern for midsize organisations is that their customers
and other stakeholders – such as banks – know that
while their supplier or customer may not be a particularly
attractive target, simply by being part of its ecosystem
they make it more so, and they put all parties in the value
chain at greater risk.
This is why many large corporates are now demanding
that their suppliers and partners adhere to the same
cyber security standards as they do. The pressure is
mounting on midsize organisations to prove that they
are up to the job.
*Your cyber security is only as strong as your weakest link
A successful phishing attack often heralds the beginning
of other, more widespread and damaging actions such
as ransomware and supply chain attacks.
Without exception, the most effective way of preventing
a phishing attack is to educate your users to be cyber
aware and train them to recognise suspicious emails
and activity.