Transcript for:
Understanding Supply Chain Attacks

When you are dealing with a supply chain, it is inevitable to omit the fact about supply chain attacks and their effects on customers. Hence that is what we will cover in today's session. Without any more wait, let's get to today's agenda. But before we move on to this session, make sure you are subscribing to our YouTube channel and enabling that bell icon so that you will never miss any insightful updates from Intellipaat.

What is a supply chain attack?
How do supply chain attacks work?
Types of supply chain attacks
How industries identify supply chain attacks
How industries prevent supply chain attacks
Few common examples
Recap

Without any further ado, let's move on to the first topic. So without any wait, let's move to the first topic.

What is a supply chain attack?

A supply chain attack happens when an attacker accesses a company's network via its vendors, suppliers, or any other portion of the supply chain. Because some supply chains can be fairly broad and can have complex relationships, some attacks can be quite difficult to spot. Most companies engage with dozens of suppliers for anything from materials to production materials to outsourcing and technology. Due to this, it's critical to protect the distribution network and ensure the companies you work with share your dedication to it. Supply chain assaults have been involved in several of the most serious and prominent cyber security incidents in recent years. While there may have been a number of factors behind the spike, the cyber epidemic is by far the most important. When many businesses have not been entirely prepared to adopt remote work and the cloud, COVID-19 revolutionized modern business. Due to the cybersecurity skills gap, security teams are frequently understaffed, which causes them to be overworked and unable to keep up. Let's hop over to our next topic.

How do supply chain attacks work?

An attack on the supply chain takes advantage of the trust that exists between the several entities.
As they install and use the company's software within the networks or collaborate with them as a vendor, all organizations have an implicit amount of trust in other businesses. However, the major way a supply chain assault operates is by using a supplier or vendor to spread viruses or other harmful software. For instance, a keylogger installed on a USB drive can infiltrate a major retail organization, where it records keystrokes to extract passwords for particular accounts. Then, cybercriminals have access to private company data, client records, and even payment information and more.

Types of Supply Chain Attacks

Firmware: An attack that introduces malware into a computer's booting code can be launched instantly. The malware starts running as soon as a computer starts up, endangering the entire system. Attacks on firmware are swift, frequently unnoticed if you're not looking for them, and very destructive.

Hardware: Similar to the USB keylogger we previously stated, hardware attacks rely on an actual physical object. To maximize their impact and harm, attackers will aim for a device that travels through the entire supply chain.

Software: One compromised application or a piece of software is all that is needed for a software supply chain assault to spread malware throughout the whole network. Attackers frequently aim for the source code of an application to introduce malicious code into a reliable program or computer system.

Now let's move on to our next topic, which is how industries identify supply chain attacks.

Rapid supply chain threat detection is essential for preventing irreparable damage. You may have identified supply chain assaults involving everything from firmware to software and beyond by using contemporary tools. Many businesses give their workers, partners and software an excessive amount of access and rights. Supply chain attacks are made simpler by these overly generous permissions.
Implement least privilege and provide each person and piece of software only the permission necessary to carry out their tasks. Partner companies and third-party applications do not require unrestricted access to every portion of the network. Network segmentation can be used to divide the network into areas according to business needs. In this manner, even if a supply chain attack compromises a portion of the network, the remainder is still safeguarded. It is feasible to identify maliciously altered software such as the Orion updates by including security in the development lifecycle. Also, analysts in the Security Operations Center, or SOC, should defend against these threats in all organizational contexts, including endpoint, network, cloud, and mobile.

Now let's get to our next topic, which is how industries prevent supply chain attacks.

Attacks targeting the supply chain profit from a lack of environment monitoring in a company. A few excellent tools are necessary for its supply chain attack prevention. Here are a few prospects.

SOC: These IT specialists, known as the Security Operations Center or SOC, will carefully examine the cybersecurity infrastructure of your company to spot any issues or gaps in security. Additionally, they will respond to dangers, examine the result of any attacks and attempt to enhance your system.

EPM: Use an Enterprise Password Management Platform, or EPM, that enables IT managers to enforce password security policies across the firm while providing total visibility into employee password usage to help prevent supply chain attacks.

Decoy Attacks: Use red and blue teams to stage decoy attacks. Your red team will stage a bogus attack to resemble a real danger, and the blue team will respond to it. This can assist you in determining the operation of attacks, whether your present cybersecurity model is sufficient to thwart an active threat or not.
Emergency Strategy: In the event that any third-party provider is compromised or breaches your system, you should always have a backup strategy in place. You can visualize potential dangers that could come from your vendors and suppliers with the aid of a threat model.

Access control restrictions: It's a wonderful idea to limit the vendors' access to your systems to reduce potential risks. In other words, restrict vendor access to only what is required for the job.

Finally, re-strengthening the cybersecurity: Include cybersecurity training on a regular basis in your company's training program. Every employee needs to be aware of the value of cybersecurity and how they contribute to the organization's overall security.

Now let's move on to our next topic, few common examples. Now let us go through some of the infamous examples where supply chain attacks have happened before in the industry.

1. Updates to SolarWinds Orion network monitoring software contained a backdoor that a hacking group had hidden in them after gaining access to the company's production environment in 2020. Customers of SolarWinds who were using the malicious update experienced security problems and data breaches.

2. Computers were encrypted by the bogus ransomware malware known as NotPetya. But it did not store the secret key for decryption. It is known as a wiper. When a Ukrainian accounting firm was hacked and malware was incorporated in a malicious update, the NotPetya attack started as a supply chain strike.

3. Over 380,000 transactions on the airline's websites were compromised by a Magecart attack that British Airways experienced in 2018. An attack on the airline supply chain that spread to British Airways, Ticketmaster and other businesses allowed for the attack to occur.

4. Over 1,000 customers were infected with ransomware by the REvil ransomware gang thanks to Kaseya, a software provider for managed services providers, or MSPs.
The organization sought a 70 million US dollar ransom to release the decryption keys for each and every impacted consumer.

5. A hacker altered the Bash Uploader script used by Codecov, a software testing outfit, to email the business code coverage information. By using a supply chain vulnerability, the attackers were able to direct private data from Codecov's clients, including source code, secrets and more, to their own servers.

6. And finally, a number of flaws were identified by Check Point Research (CPR) in November 2020 that, when combined, can be used to take control of an account and numerous Atlassian apps that are connected via SSO. Because the attacker can install backdoors to use in the future after successfully exploiting these flaws and taking control of the account, this vulnerability could lead to a supply chain assault. This has the potential to do significant damage that won't be discovered until it's too late to stop it. The Atlassian teams were informed of this information in a responsible manner by Check Point Research, and a solution was implemented to ensure that its users could safely continue to communicate information on the various platforms.

Now let us have a quick recap of the entire session. Initially we went through what is a supply chain attack, and then we saw how do supply chain attacks work. After which we went through the types of supply chain attacks, and then we saw how industries identify supply chain attacks. After which we went through how industries prevent supply chain attacks. And finally we went on to see a few of the common examples.

That's all for this session. Thanks for watching. Make sure you're subscribing to our YouTube channel and enabling that bell icon so that you will never miss any updates from Intellipaat. Just a quick info guys, Intellipaat provides an advanced certification in digital supply chain management. You will learn supply chain concepts such as procurement technologies, digital transformation, and digital supply chain blueprints. Reach out to us to know more.