Supply Chain Attacks: Exploiting trust between organizations

Check Point Software Technologies, a global provider of cyber security solutions outlines how to protect your organization from a supply chain assault, citing supply chain as one of the primary targets for cybercriminals.  Although this trend is down to a number of factors, one of the most important is, undoubtedly, the cyber pandemic. 

According to Check Point Software Technologies, COVID-19 has clearly transformed the modern workplace, forcing many to remote working and cloud adoption when they may not have been completely prepared. As a result, security staff is overburdened and unable of keeping up.

“Supply chain attacks aren’t new but throughout last year they rapidly increased in size, sophistication and frequency, In other words, there was a 650% global increase in supply chain attacks. In a digital landscape that’s increasingly made up of complex interconnections between suppliers, partners and customers, the risk of vulnerability is increasing exponentially and businesses cannot afford to settle for second-best security,” explains Ram Narayanan, Country Manager, Check Point Software Technologies, Middle East. 

Last year’s high-profile supply chain assaults included SolarWinds, where attackers gained access to the company’s production environment and placed a backdoor in updates to its Orion network monitoring product.

Another case in point is the REvil ransomware gang, which used Kaseya, a software firm that provides software for managed service providers (MSPs), to infect over 1,000 clients with ransomware.

The cybercriminals also demanded a $70 million ransom to supply decryption keys to all impacted individuals.

“The cost of ransomware and remediation can run into the millions, yet it is something that can be avoided by taking a proactive approach to security and having the right technology in place to prevent malware from getting into the network in the first place,” Narayanan added. 

A supply chain assault, according to the company, takes advantage of the trusted ties that exist between various organisations. As a result, cyber criminals target a company with strong cyber security but an untrustworthy supplier. Attackers who have a footing in that provider’s network can utilise that link to relocate to a more secure network.

Check Point Software Technologies has highlighted the best approaches for detecting and mitigating supply chain threats in a recent publication.

Despite the danger posed by this threat, there are methods for protecting a business:

1. Implement a least privilege policy: Many organizations assign excessive access and permissions to their employees, partners and software. These excessive authorizations facilitate supply chain attacks. Therefore, it is imperative to implement a least privilege policy and to assign everyone in the company, as well as the software itself, only the permissions they need to perform their own work.
2. Segment the network: Third-party software and partner organizations do not need unlimited access to every corner of the corporate network. To avoid any risk, network segmentation should be used to divide the network into zones based on different business functions. In this way, if a supply chain attack compromises part of the network, the rest will remain protected.
3. Apply DevSecOps practices: By integrating security into the development lifecycle, it is possible to detect if software, such as Orion updates, has been maliciously modified. 
4. Automated threat prevention and risk hunting: Security Operations Centre (SOC) analysts must protect against attacks across all organizational environments, including endpoints, network, cloud and mobile devices.