Do Your Part to Prevent Software Supply Chain Attacks

With many organizations’ increasing reliance on third-party code, there is a growing threat of ransomware on the digital supply chain.

From small businesses to Fortune 100 companies to the highest levels of government, no one is safe from digital supply chain attacks. With many organizations’ increasing reliance on third-party code, there is a growing threat of ransomware on the digital supply chain. In fact, Gartner data predicts that by 2025, 45% of organizations worldwide will have experienced such an attack. So what can enterprises do to combat these risks? To protect their digital supply chain, leaders must prioritize mitigating risks and ensure vendors implement security best practices.

Why are these attacks on the rise?

A recent report found that software supply chain attacks rose 300% in 2021. This meteoric increase was driven in part by weak security practices in software development environments, which left companies with vulnerabilities and misconfigurations that exposed them to these attacks. But how exactly do these attacks happen?

It starts with ransomware operators targeting IT management software systems and parent companies. After breaching those systems, they work their way down the line, attacking the organization’s subsidiaries and trusted partners.

This was the case in one of the biggest attacks of 2021, against Kaseya, an IT solutions developer for managed service providers and enterprise clients. Over 2,000 of its customers received a compromised version of the product, resulting in the encryption of over 1,000 customers’ systems. Though the short-term damage from such an attack is enormous, the long-term damage is even worse: full recovery can take years, and the associated costs are huge.

Another prominent supply chain attack occurred in late 2022, spreading malware to over 250 media sites. In this case, the attackers compromised JavaScript code used to serve video and advertising content to regional and national newspaper websites. The malware established an initial access network for subsequent attacks and ransomware delivery to the media sites, but the full extent of the attack and its impact on the affiliated sites was known only to the parent media company.

How can organizations protect themselves?

No single tool can fully protect an organization from supply chain attacks. If one tool in your tech stack is compromised, the consequences can be severe, and any protection framework can be breached. That is why defense in depth is necessary to ensure protection.

The smartest organizations layer their security policy with edge and endpoint protection, multifactor authentication, and recovery options such as proper backup and storage. Additionally, implementing Ransomware Protection as a Service (RPaaS) is a comprehensive way to detect, protect and recover lost data. Also keep a practiced incident response plan at the ready, in case your organization becomes the victim of an attack.

However, having the technologies in place to protect your organization is not enough. Leaders must find the right combination of people, processes and technologies to close any exploitable gaps in their systems. From an availability and cost perspective, this may be a challenge, but it is crucial to guaranteeing your organization’s protection.

Even though supply chain attacks are on the rise, if your organization is properly prepared and protected, restoring systems in the aftermath of an attack will be much smoother, and you may even be able to prevent breaches altogether.

Allen Jenkins

Allen Jenkins is the chief information security officer and vice president of cybersecurity consulting at InterVision, a managed services provider that delivers and supports complex IT solutions for mid-to-enterprise and public sector organizations throughout the US.
