Supply Chain Attacks

A supply chain is a network between an organization and its suppliers to produce and distribute a specific product to the final customer. A supply chain involves several steps to deliver the product to the end customer, such as moving and converting raw materials into the finished products, transportation of those products, and distribution to the end customer. The supply chain’s critical role players are- producers, vendors, warehouses, transportation companies, distribution centers, and retailers. Nowadays, an organization’s attack surface has increased drastically due to the increased number of suppliers and service providers handling an organization’s sensitive data.

The cybercriminal seeks to gather information about the target organization’s supply chains and then try to attack the supply chain’s weakest link. The target company can have an impenetrable security system, which may be a tedious task for cybercriminals. They switch on to the organization’s supply chains and try to gain access to the weakest link in the supply chain and then implant malware such as worms, trojans, viruses, etc. and modifies the source code of a manufacturer’s software and then try to gain access to the confidential or sensitive information about the target organization.

Data Hiding-

This is one of the essential anti-forensic technique as it includes hiding the data, which means hiding the very presence of evidence. There are various techniques by which we can hide data which are as follows-


Supply Chain attacks existing for ages

Recently, there has been an immense rise in supply chain attacks.

In 2013, the sales (POS) system hack’s target point eventually became a supply chain attack. The HVAC supplier was compromised, which had access to the target’s network to monitor the target stores’ heating and air condition

In 2016 and 2017, Notpeya and WannaCry worms respectively exploited Microsoft Windows SMBv1 vulnerabilities using the NSA eternal blue exploit.

In 2017, the infamous Cleaner attack occurred. The Piriform’s network was penetrated by the attackers and created rooting for around five months which was later on downloaded by millions of customers after an update of backdoor. Similarly, there have been massive supply chain attacks, with the most recent being the Solar Winds Attack. The attackers target the Third-Party Vendor, which is SolarWinds, to compromise IT management software called Orion. A software update was exploited to install the ‘Sunburst’ malware into Orion.

Supply Chain Attacks Mitigation Strategies

• Evaluation of Risk from Third Parties

• Appropriate Termination Clauses in Vendor Contracts

• Reviewing Confidential Data

• Limited Ability of users to install Shadow IT