Hackers Backstabbing Organizations with Supply Chain Attacks

Supply chain attacks, which are sometimes referred to as third-party attacks, can open target-rich surfaces for adversaries. According to a recent report from Accenture, these attacks are seen as one of the key trends in the future, risking the operations of the financial sector, Technology Service Providers (TSPs), Managed Service Providers (MSPs), and Cloud Service Providers (CSPs).

What makes it different?

Unlike common cyberattacks, such as spear-phishing, supply chain attacks are widespread and enable hacking at an enormous scale. By leveraging a third-party provider as a stepping stone, attackers have the potential to compromise hundreds of organizations at a time, including those with sophisticated cybersecurity.

Blackbaud breach highlights potential devastation

  • The ransomware attack at Blackbaud in May demonstrates the bigger impact of a supply chain attack. It took two months for the incident to come to light.
  • Blackbaud is a cloud service provider for many prominent institutions, including 105 charity organizations across the U.K, the U.S., and Canada.
  • After hacking into Blackbaud’s self-hosted environment, that lasted for more than two months, attackers had managed to steal sensitive data such as bank account information, social security numbers, usernames, and passwords.
  • The attack affected several of its clients that included the names of the Northern Light Foundation in Maine, Children’s Hospital of Pittsburgh Foundation, Saint Luke’s Foundation, Inova Health System, Harvard University, Atrium Health, and the University of Kentucky HealthCare.

Other supply chain attacks

  • The shipping industry that forms an integral part of the supply chain management recently came under the grip of cyberattacks. The systems and websites of the International Maritime Organisation and CMA CGM S.A were disrupted by attackers, preventing the smooth operation of businesses.
  • Besides this, Philadelphia-based eResearchTechnology, which provides clinical trial oversight software to drug makers and testing firms, was recently hit by a variant of Ryuk ransomware. This limited the operations of clinical trials in testing firms.

Faulty software also problematic

Vulnerabilities in software manufactured by third-party vendors are a major reason for supply chain attacks. During one such investigation, security experts found critical vulnerabilities in Wibu-Systems’ CodeMeter software license management systems, which could expose several ICS products to remote code execution attacks.

Bottom line

No organization is immune to cyberattacks. In fact, attackers are now starting to seek out ways to scale up their efforts to plant hacking components through malware that goes undetected in development pipelines. Having said that, organizations should have a solid vetting process in place to combat risks arising due to supply chain attacks.