How Supply Chain Attacks Could Affect Your Business

Jul 12, 2021

How Supply Chain Attacks Could Affect Your Business


With the Colonial Pipeline hack, Americans felt the pinch of cybercrime moving into their daily lives. The further breach of security systems at JBS caused havoc in the company's supply chain systems, endangering the nation's food supply.


As of July 2021, more than 800 American businesses are dealing with the effects of cyber threats like ransomware attacks. Supply chains are the product of a globalized world, and we tend to underestimate how fragile these systems are until threats expose the vulnerabilities.

Colonial Pipeline Co

What is a Supply Chain Hack/Attack?


Also known as a "value-chain" or "third-part" attack, a supply chain hack occurs when a cyber attacker infiltrates an organization's systems through outside providers or partners with access to your data and systems.


The criminal uses this access to initiate various malicious strategies to interrupt normal business functions and operations.

As a result, the business will either pay a ransom to the hacker or risk losing all data to encryption. It's no surprise that most companies succumb to the hacker's ransom demands.

 

Why Do Hackers Target Supply Chains?


With the frequency of attacks on the rise, it seems that hackers have more tools and strategies at their disposal. The breach of "FireEye," a government-contracted cybersecurity form, saw hackers make off with its toolkit of hacking tools. A few days later, the hackers penetrated the systems of Fortune 500 companies using a backdoor created through the "SolarWinds" updating software installed by the security firm. This attack left many top-level companies in America exposed to cyber-attack, with evidence pointing toward Russia as the source of the hack.


BitSight, a security rating firm, estimates the SolarWinds breach could end up costing companies involved in the attack as much as $90-million. The SolarWinds attack also threatened national security in the US, with SolarWinds having access to official government websites. So far, there are over 250 firms affected by the SolarWinds hack. Surprisingly, the attack also affected cybersecurity firms, including Microsoft and Malwarebytes. Data shows 97% of the top 400 cybersecurity firms experienced data leaks. The same data shows 91 companies have security vulnerabilities.

 

Understanding Open-Source Threats to the Supply Chain


Supply chain attacks affect more than commercial software. Any organization producing hardware or software for the market is a prospective target for hackers. Bad actors driven by nation-states have skillsets and vast resources at their disposal, allowing for the penetration of the most advanced systems. The Sonatype 2020 State of the Software Supply Chain Report states supply chain attacks on open-source projects are key issues for organizations. More than 90% of all apps feature open-source code, and some 11% have known security vulnerabilities.

The 2017 Equifax breach is a prime example, where hackers used a vulnerability unpatched Apache Struts framework. Another shocking statistic shows 21% of companies experienced an open-source- breach in the past 12 months.

 

How Can Companies Protect Against Cyber Attack?


As hackers increase resources and skills around locating and penetrating systems vulnerabilities, companies need to maintain optimal security protocols to stay safe. Start by speaking with us on how to stay protected and secure.

by Matthew Dickinson 21 Oct, 2024
We’re excited to announce that Yoozoom has officially joined the Windsor Telecom family as part of their mission to grow and expand across the UK. As a Leeds-based leader in unified communications, IT services, and networking solutions, Yoozoom has a proud legacy of helping businesses thrive. What does this mean for Yoozoom customers? Yoozoom will continue to provide the same high-quality services you know and trust. Windsor Telecom is committed to investing in our team and services, ensuring that we’re able to offer even more to our customers as part of a larger national network. A message from Windsor Telecom: "We’re thrilled to welcome the Yoozoom team and customers into the Windsor Telecom family,” said Pete Tomlinson, CEO of Windsor Telecom. “Their expertise will be invaluable as we grow our national presence, helping even more businesses use technology to deliver outstanding customer and employee experiences.” As part of Windsor Telecom’s UK-wide growth plan, Yoozoom is excited to embark on this next chapter and continue to deliver innovative solutions that make a difference. Stay tuned for more updates as we continue to evolve as part of the Windsor Telecom Group!
Small business owner? Need a new phone system? This is the guide for you.
by Simon Edward 26 Sept, 2022
Small business owner? Need a new phone system? This is the guide for you. Learn how to find a VoIP phone system that helps you smash your goals.
By 2025, all UK phone systems will be cloud-based.
by Simon Edward 19 Sept, 2022
By 2025, all UK phone systems will be cloud-based. If you're reluctant to switch sooner rather than later, read on for six advantages of a VoIP system.
Ten years ago, Skype was everywhere. Now… not so much. But what happened, exactly?
by Simon Edward 12 Sept, 2022
Ten years ago, Skype was everywhere. Now… not so much. But what happened, exactly? Read on to discover the truth behind Skype's rise and fall.
94% of all enterprises use cloud services – but do 94% know enough about cloud security?
by Simon Edward 05 Sept, 2022
94% of all enterprises use cloud services – but do 94% know enough about cloud security? Read on to find out more about staying safe in the cloud.
Do you even NEED two mobile phones for work?
by Simon Edward 22 Aug, 2022
Is it time to ditch the company mobile? We weigh up the pros and cons – and explore a third option that could save you cash and hassle.
Want to outsource IT support? Scratching your head over the options?
by Simon Edward 15 Aug, 2022
Want to outsource IT support? Scratching your head over the options? Choose the right IT company, first time, with our 5-step guide.
What is the true cost of an IT failure?
by Brian Rosten 08 Aug, 2022
IT failures cost more than you might think. Learn three ways to calculate the true cost of a failure and safeguard your business from tech disasters.
Time's running out – are you ready for BT's
by Simon Edward 02 Aug, 2022
In 2025, BT will switch off its ISDN and PSTN phone lines for good. Is your business ready for the change? Learn what's happening and what to do.
Learn 4 big reasons why phishing attacks work, as well as some useful tips to help you safeguard you
by Simon Edward 25 Jul, 2022
Phishing is on the rise. Learn 4 big reasons why phishing attacks work, as well as some useful tips to help you safeguard your business.
More posts
Share by: