Continuity Risk & Security

How attackers infiltrate the supply chain & what to do about it

With some security best practices, enterprises can significantly reduce the chances that a potential supply chain attack will affect business operations.

Attackers today are getting increasingly creative with how they target organizations, often utilizing the supply chain as a point of ingress — exactly the kind of thing that keep security pros up at night. Rather than attack their targets directly, attackers today are perfectly happy to compromise one of their third-party providers and accomplish their end goal that way.

Whether it’s a hardware provider further down the supply chain, a software provider that the organization outsourced some added features to, or a service provider, all can represent a potential point of entry. This dramatically changes the attack surface for the typical enterprise and, with recent highly publicized breaches such as ASUS and Docker, is negatively impacting once-inherent trust in the supply chain.

Recent attacks have even targeted patching processes and software updates, leveraging the very means by which organizations protect themselves against potential threats.

Read entire post How Attackers Infiltrate the Supply Chain & What to Do About It | Shay Nahari | DarkReadings
Advertisements

Comment here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s