Be aware of supply chain attacks

Many companies rely on external partners to make it all work. However, this is also something that hackers have figured out. They have started to make supply chain attacks on service providers and business partners in order to hit a bigger target. Below we review what a supply chain attack is, what the consequences of being hit might be, and what you can do to prevent an attack.

A secure connection

A supply chain attack is a type of hacker attack that targets the weakest link in a supply chain of companies. So even if your company has high cybersecurity, you could still be affected by a supply chain attack if some of your partners don't have good cybersecurity.

As a company, you rely more or less blindly on the partners you work with, and that trust goes both ways. You install and use each other's software and applications. You trust that their cybersecurity and software is as good as yours. When companies are well connected, there are a mutual trust to understand the technology and fundamental mechanisms that drive the business.

But not all companies have good cybersecurity.

Hackers know that businesses rely on collaboration between each other and service providers. So if they can find the weakest link in that cooperation, they can hit even more companies than if they were targeting just one.

Something hackers thus target is Managed Service Providers (MSPs). MSPs are service providers that offer, among other things, networks, applications, software and security infrastructure to businesses.

Therefore, MSPs are at the core of companies' cybersecurity. And this is why hackers will often find their way to MSPs. If they can gain access to the MSP, they can then gain access to the company's infrastructure - this way, as a company, you can get malware installed. This malware enables hackers to access personal data and company information.

The consequences of a supply chain attack

As mentioned before; hackers can eventually install malware into your company software. By doing so, they can create holes in the software, making the company's infrastructure unstable.

If a company gets an unstable infrastructure and software, it can quickly affect the business partners that the company is involved with.

Hackers can leak information about employees as well as customers of the company. It is common for IT criminals to carry out data leaks in companies in order to publish sensitive data. The hacker typically demands a sum of money to withdraw the leaked data from the public.

The danger of supply chain attacks is that many companies can be affected. If one main provider is hacked, all the companies' software will be compromised - and thus made available to the hacker, or shut down completely.

How to detect supply chain attacks

In order to effectively and correctly check for a possible attack, a company needs to have various verification processes in place. This ensures that all companies can undergo security checks, as well as being sure that they are legitimate security checks.

Indeed, it has been seen before that companies have thought a security update was legitimate, when it turned out to be hackers who had compromised the software.

That's why IT needs to know all the ways in and out of your systems, to make sure no one else can get in through them. If there is the slightest flaw in the pathways into the systems, the hacker will surely find that flaw and exploit it.

In addition, it's always a good idea to have a plan of action in place in case you are subjected to a cyber attack. This can include an overview of the company's pathways in and out of systems, a risk assessment of these inputs and outputs, categorisations of the most frequent cyber attacks and how to deal with these.

The IT department should test new software before it is rolled out to all employees. Testing various systems and updates should catch malware and potential hacker activity.

To sum up, you should:

• Know all the entry points into your systems.
• Be sure about software updates.
• Have an action plan for possible cyber attacks.
• Test new software before it is rolled out to the whole company.

How to prevent supply chain attacks

There are several things you can do, as a company and as an employee, to prevent a supply chain attack:

• The IT department can make an assessment of the various risks that may exist in the collaboration between you and a third party. As a company, you can always ask the service provider to do an assessment of their systems and software so that you are not at risk of cyber attacks due to service provider failures.
• You can minimise the number of employees who have access to install third-party software. This also minimises the number of people who could be affected by attacks.
• It is also a good idea to include all parties in the "supply chain" so that everyone is prepared in case of a cyber attack.
• You can review who has access to sensitive data and further minimise the number of people who have access.
• You should always be sure that a service provider deletes all data about your business as soon as your partnership ends.
• Finally, it's a good idea to invest in cybersecurity training. It's almost always human errors that can lead to cyber attacks. In principle, it is the employees who are one of the weaker links in the chain. Awareness training is an obvious opportunity to improve cyber security and strengthen your defences against the cyber threat.

It is harder to prevent supply chain attacks because there are so many links in the chain that need to be secured. And you cannot secure so many other links than your own, apart from maintaining communication and transparency between all companies as well as the service provider.

Once a hacker has a foothold in your systems, they can do immeasurable damage - both to the technical aspects of your business, but also to the personal ones of sharing confidential information and customer data.