Defend the Global Supply Chain

Chris Swagler | July 15th, 2024

 

Every new year brings with it new causes to celebrate and numerous sets of new challenges. Though it is necessary to look and move forward, it is also important to remain connected to past lessons and experiences. This is especially true when it comes to cybersecurity and other cyber-related instances.

One specific lesson that is vitally important to keep in mind in 2024 is the value and fragility of the global supply chain in its physical and digital components. Considering the increasing interconnectivity of systems and organizations, one breach in the chain can have a significant impact throughout the entire system.

What is the supply chain?

The global supply chain is a network of interconnected processes, resources, and entities that collaboratively produce, distribute, and deliver goods and services. In the digital realm, the supply chain is the almost seamless integration of various technologies that either assist in optimizing the physical supply chain or do something similar entirely online through interconnected computer systems, networks, and digital service providers.

In its November 2023 brief on Supply Chain Resilience, The White House called supply chain risk due to cyberattacks a “source of systemic risk…in both the near- and long-term.” [1] Just as the supply chain is vital to the global economy, so is protecting it and addressing any of its vulnerabilities. Beyond standard business components, such as supply issues, demand fluctuations, or labor shortages, various destabilizing occurrences like terrorism (The Sun [2], The Hill [3]), natural disasters, pandemics, and cyberattacks can create tremendous strain.

Why is the supply chain attacked?

The expansion of AI will only serve to simplify accessing these connection points. From the perspective of a threat actor, the ability to crack into the supply chain opens the gates to dozens, hundreds, or even thousands of organizations. The supply chain is a highway to immense amounts of valuable, sensitive data and intellectual property. Successful attacks can have widespread consequences, impacting multiple organizations and their customers, making the supply chain an attractive target for economic, political, or competitive motives.

Third-party suppliers, providers, or contractors contribute to cyber risks in the supply chain by introducing vulnerabilities. Research published in Sonatype’s 9th Annual State of the Software Supply Chain report provides some insight into the ease with which these threat actors gain initial access to the global digital supply chain. The exploitation of software vulnerabilities is a primary entry tactic. Data suggests 96% of downloaded software that has some sort of bug also has an updated and fixed release available; additionally, 1 in 8 open-source downloads has a known risk within its code [4]. These known risks are publicly noted within the National Vulnerability Database, which has posted more than 200 uncovered software vulnerabilities already in 2024 [5].

In addition to these vulnerabilities, dependencies on external entities create potential entry points for threat actors. Weak security measures, inadequate data protection, or compromised systems within these third parties can provide unauthorized access, compromise data integrity, or disrupt operations.

The most significant supply chain attack of 2023 was the MOVEit incident. It has been reported by TechCrunch, Intellias, and others that this lone third-party breach cost more than 1000 businesses over $9.9 billion, affecting more than 60 million individuals whose data is housed or transported by an impacted company [6].

How does cybersecurity fit?

Cybersecurity is critical in safeguarding the global supply chain, including its digital systems, data, and communication channels. Protecting against cyber threats is essential to prevent disruptions, data breaches, and unauthorized access that could compromise the integrity, availability, and confidentiality of the supply chain processes.

A few common practices can help defend against supply chain attacks and protect your organizational or personal data in the event of such a breach.

  • Participate in Regular Training and Awareness Programs: Human error is the most significant contributor to successful data breaches. Companies should offer their employees and contractors frequent cybersecurity training and awareness programs to lower the risk of supply chain attacks. Training should include recognizing phishing attempts, using strong passwords, identifying social engineering techniques, and quickly reporting security incidents.
  • Implement Multi-Factor Authentication (MFA): Passwords alone are not enough to prevent unwanted access to sensitive accounts. Implementing MFA offers an extra layer of security, significantly lowering the risk of unauthorized logins. It’s a simple and effective strategy that provides a valuable defense against supply chain attacks.
  • Have Continuous Monitoring and Incident Response Plans: Constant security monitoring by a team of experienced engineers and analysts working out of a 24/7/365 SOC is a necessity for supply chain security. Companies should implement comprehensive monitoring services, either in-house or outsourced, and systems to detect anomalies, unauthorized access attempts, or suspicious network activities.
  • Build Strong Supplier Relationships: Effective communication and coordination between organizations and suppliers are critical to securing their supply chain. Building solid relationships can create a shared commitment to cybersecurity and better maintain data integrity. Companies need to make their security expectations obvious to their suppliers, including sensitive data protection, secure communication protocols, and compliance with industry-recognized security frameworks.

Effective risk management strategies and resilient supply chain practices are essential to mitigate these threats and ensure business and economic continuity. The global supply chain is a highly vulnerable system that can be protected with simple and readily implementable processes. With some of the recommended actions in place and a commitment to cybersecurity, 2024 can prove to be more cyber secure than the past year, even with increasing risks.

If your company is experiencing a breach, call our Security Operations Center at 833.997.7327 to speak directly with an engineer.

Sources

  1. White House, The. Issue Brief: Supply Chain Resilience | CEA. 30 Nov. 2023, https://www.whitehouse.gov/cea/written-materials/2023/11/30/issue-brief-supply-chain-resilience/.
  2. Associated Press. “American Forces Engage, Destroy Houthi Gunboats in Red Sea Shipping Lanes.” The New York Sun, 31 Dec. 2023, https://www.nysun.com/article/american-forces-engage-destroy-houthi-gunboats-in-red-sea-shipping-lanes.
  3. Dress, Brad. “Houthi Squeeze on Red Sea Shipping Risks Enormous Cost to Global Economy.” The Hill, 31 Dec. 2023, https://thehill.com/policy/defense/4382064-houthis-force-cargo-ships-to-take-long-route-at-a-cost/.
  4. Understanding Open Source Adoption: Insights from the 9th State of the Software Supply Chain Report. https://www.sonatype.com/state-of-the-software-supply-chain/introduction.
  5. NIST. NVD – NVD Dashboard. https://nvd.nist.gov/general/nvd-dashboard.
  6. Page, Carly. “MOVEit, the Biggest Hack of the Year, by the Numbers.” TechCrunch, 25 Aug. 2023, https://techcrunch.com/2023/08/25/moveit-mass-hack-by-the-numbers/.
