The supply chain as a primary target for cyberattackers
With the steady progress of digital transformation in recent years, companies have become increasingly dependent on numerous partners and suppliers. This shift has led to a more complex IT infrastructure and significantly increased the attack surface that cyber criminals can exploit.

Attackers often target the weakest link in the supply chain in order to gain access to the entire system.
One example: In November 2024, the US software provider Blue Yonder was the victim of a ransomware attack that affected the operations of 3,000 companies in 76 countries. This leads to the question: How can we protect the entire supply chain from increasingly frequent and sophisticated cyber threats?
Opportunities and risks with open source and AI
Given the interconnected nature of corporate, supplier and partner systems, cybercriminals are increasingly targeting third parties to carry out their attacks and compromise corporate data and systems. SMEs and subcontractors are particularly vulnerable due to their limited cyber security resources.
Open source software components in particular offer an attack surface. Because the source code is public, attackers can search it for flaws, and by discovering a critical error in a widely used component they can potentially exploit many software applications at once. However, the open approach also offers advantages: popular open source libraries are continuously tested and improved by hundreds of contributors, leading to faster detection of problems and quicker updates.
Remote work, AI, work emails on your private cell phone: all areas of attack
Cyber criminals are also increasingly using social engineering to target employees with strategic access or highly privileged status within the IT infrastructure. This allows them to circumvent technical defenses with the help of human manipulation tactics. The rapid development of artificial intelligence has further refined these techniques, enabling ultra-targeted phishing campaigns, deepfakes and convincing mobile attacks. Finally, the rise of remote working and the use of personal devices such as cell phones for professional use have increased the attack surface for cybercriminals.
Defense strategies rely on Zero Trust and MFA
To reduce these risks, companies must implement comprehensive defense strategies. The right concepts, tools and partners must be used to combat potential attacks. The zero trust approach is a cornerstone of a strong cyber security strategy. It is based on the principle of "never trust, always verify".
This also includes implementing strong authentication methods such as multi-factor authentication, combined with strict controls and segmented access management. It is essential to ensure that only the right employees hold privileged status. In addition, access rights must be reviewed regularly and adjusted where necessary, especially for external suppliers or partners.
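As an added illustration that is not part of the article, the following Python check applies the rules above (MFA everywhere, privilege only for approved people, periodic access review with a shorter interval for external identities) to a constructed account inventory; the review intervals, the approved-privilege list and the account fields are assumptions, not values from the text.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Constructed record shape, roughly what an identity-provider export might contain.
@dataclass
class Account:
    user: str
    external: bool      # supplier/partner identity rather than an employee
    privileged: bool
    mfa_enabled: bool
    last_review: date   # date the account's access was last recertified

# Assumed policy values (the article gives no numbers): external identities are
# recertified more often than employees, and privilege needs explicit approval.
REVIEW_INTERVAL = {"external": timedelta(days=30), "internal": timedelta(days=90)}
APPROVED_PRIVILEGED = {"alice"}

def review_access(accounts, today):
    """Return (user, problem) pairs for every policy violation found."""
    findings = []
    for a in accounts:
        kind = "external" if a.external else "internal"
        if not a.mfa_enabled:
            findings.append((a.user, "mfa-missing"))
        if a.privileged and a.user not in APPROVED_PRIVILEGED:
            findings.append((a.user, "privilege-not-approved"))
        if today - a.last_review > REVIEW_INTERVAL[kind]:
            findings.append((a.user, f"{kind}-review-overdue"))
    return findings

# Constructed sample inventory: one compliant employee, one employee without MFA,
# one external service account that is privileged without approval and overdue.
SAMPLE = [
    Account("alice", False, True, True, date(2025, 1, 10)),
    Account("bob", False, False, False, date(2025, 1, 20)),
    Account("vendor-svc", True, True, True, date(2024, 11, 1)),
]

def sample_findings():
    """Run the review against the constructed sample as of 2025-02-01."""
    return review_access(SAMPLE, date(2025, 2, 1))

if __name__ == "__main__":
    for user, problem in sample_findings():
        print(f"{user}: {problem}")
```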
Regulations help to slow down supply chain attacks
It is equally important to ensure that all members of the ecosystem have adequate security protection, both for cybersecurity reasons and to comply with legal requirements. For example, under the Digital Operational Resilience Act (DORA) regulation, financial service providers must ensure that all their suppliers and partners meet established security standards.
Cybercriminals are increasingly targeting supply chains to infiltrate secure systems - exploiting smaller, less well-equipped suppliers and partners. To ensure business continuity and protect increasingly complex and interconnected IT infrastructures, companies need to develop and implement effective cyber security strategies and best practices. This involves working not only with third parties, but also with cybersecurity experts who can provide tailored solutions, advice and support to create the technical framework needed to protect the entire ecosystem while complying with regulatory requirements.
Source: Michael Veit, cybersecurity expert at Sophos