What is a supply chain attack?
A supply chain attack, also called a value-chain or third-party attack, occurs when someone infiltrates your system through an outside partner or provider with access to your systems and data. This has dramatically changed the attack surface of the typical enterprise in the past few years, with more suppliers and service providers touching sensitive data than ever before.
The risks associated with a supply chain attack have never been higher, due to new types of attacks, growing public awareness of the threats, and increased oversight from regulators. Meanwhile, attackers have more resources and tools at their disposal than ever before, creating a perfect storm. The recent SolarWinds attack is a prime example.
SolarWinds attack highlights supply chain risk
The news about last year’s nation-state attack against up to 18,000 customers of networking tools vendor SolarWinds just keeps getting worse. According to a recent report by the New York Times, the SolarWinds attacks, attributed to Russia, penetrated many more than a “few dozen” government and enterprise networks, as first believed. As many as 250 organizations were affected, and the attackers took advantage of multiple supply chain layers.
It’s a violation of the chain of trust, says Steve Zalewski, deputy CISO at Levi Strauss. “That’s the big issues with all of this third party stuff,” he says. “We don’t keep it in house anymore. We’re having to rely on third-party ways to establish this trust, and there’s no national way or international way to do that.”
