Cyber-attacks against digital supply chains are on the rise Supply chain compromises typically seek to introduce security flaws or exploitable features into hardware, software, or digital services, which are then passed on to customers Last year saw some significant examples of supply chain attacks, including the .compromise of managed service providers MSPs and several software products
In 2017, suspected Chinese hackers compromised several global MSPs, which deliver outsourced IT, HR and business services It is thought that the attackers obtained .commercially sensitive data from the MSPs and their clients, which included government agencies
According to the National Cyber Security Centre NCSC, MSPs represent a particularly attractive target as they have links to thousands of customers worldwide Even if a client has strong cyber security, it may find itself vulnerable if a trusted network link to an MSP is compromised
Last year also saw a number of supply chain cyber attacks targeting software Between 15 August and 12 September 2017, downloads of a free .computer clean-up tool known as CCleaner were infected with malware The incident is thought to have affected over two million downloads by both individuals and businesses, and resulted in further attacks against large technology and telecommunications companies in the UK, Taiwan, Japan, Germany and the US
NotPetya, the global malware attack that caused major disruption in June 2017, was also a supply chain attack Attackers managed to introduce malware into MeDoc, a legitimate software application widely used by businesses in Ukraine for handling tax returns The compromised MeDoc update infected users of the application, while the malware was then able to spread itself within networks
Why does it matter
Supply chain cyber attacks are seen as an increasing threat by cyber security agencies and cyber security firms Analysis from Symantec identified a 200% increase in attacks where hackers injected malware into the software supply chain This equated to one attack every month last year, .compared to four attacks in all of 2016
According to the UK’s National Crime Agency, supply chain .compromises are extremely difficult, and sometimes impossible, to detect Network monitoring can detect unusual or suspicious behaviour, but it is still difficult to ascertain whether a security flaw has been deliberately introduced as a backdoor or an error on the part of developers or manufacturers Services of almost any sort can be affected, particularly if they involve electronic connectivity or data import.