Supply chain, the golden target of cybercriminals

by admin

The supply chain is increasingly vulnerable to cyber attacks, and this is causing serious problems for corporate security. The problem is that the methods used in these attacks vary, change suddenly and, unfortunately, are often not known. This is the finding of the latest report by ENISA, titled “Threat Landscape for Supply Chain Attacks”, which analyzed 24 attacks that took place between January 2020 and early July 2021. The report notes that the security models companies have put in place are no longer sufficient to contain the risk, since attackers have already shifted their attention to supply chain suppliers. According to ENISA, all this should lead to the development of integrated “supplier-customer” security models to mitigate the harmful effects.

In terms of numbers, 8 incidents from 2020 for which information emerged were examined. In 2021, in just 6 months, 16 incidents were reported. “Due to the cascading effect of supply chain attacks, threat actors can cause widespread damage to businesses and their customers at the same time. With good practices and coordinated actions at EU level, Member States will be able to achieve a similar level of capacity by raising the common level of cybersecurity in Europe”, said Juhan Lepassaar, executive director of the European Cyber Security Agency.

The report reveals that an organization could be vulnerable to a supply chain attack even when its own defenses are good enough. Attackers explore potential new routes into organizations by targeting their suppliers. Additionally, because a single supply chain attack has near limitless potential to impact numerous customers, these types of attacks are becoming more and more common.

To compromise the targeted customers, attackers focused on supplier code in approximately 66% of reported incidents. This means that organizations should focus their efforts on validating third-party code and software before using them, to ensure they have not been tampered with or manipulated. In approximately 58% of the supply chain incidents analyzed, the targeted customer assets were primarily data, including personally identifiable data and intellectual property.

For 66% of supply chain attacks, suppliers either did not know or did not report how they had been compromised. However, less than 9% of customers compromised through supply chain attacks did not know how the attacks occurred. All of this highlights the gap in maturity in cybersecurity incident reporting between suppliers and end users.

Among the recommendations suggested by ENISA are applying good practices and engaging in coordinated actions at EU level to achieve a common level of security. To companies in particular, the Agency suggests that they identify and document suppliers and service providers; define risk criteria for different types of suppliers and services, such as dependencies on suppliers and customers, critical software dependencies and single points of failure; monitor risks and threats in the supply chain; manage suppliers throughout the life cycle of a product or service, including procedures for managing end-of-life products or components; and classify the assets and information shared with or accessible to suppliers, and define the related access procedures.
