What are the most commonly used methods in supply chain attacks?

Supply chain attacks, also known as supply chain attacks, are becoming increasingly popular. In these types of attacks, hackers first look for vulnerabilities in a company’s supply chain, such as service providers that have low security standards. They then exploit technical flaws in the service provider’s systems to reach the actual target. To be able to arm yourself against this, it is important to know what kind of attacks you can expect.

Security awareness specialist SoSafe warns about this. The company outlines the most common methods of supply chain attacks:

Malware infections

Most supply chain attacks start with a malware infection. Cybercriminals secretly install malware on company systems, which slowly spreads throughout the supply chain. There are different types of malware that run different processes. Spyware, for example, monitors employees’ activities and retrieves their confidential login details. Ransomware is used to collect and encrypt data so that cyber criminals can demand the ransom. Backdoor malware, such as a Trojan horse, allows software to be controlled remotely and can also serve as a launch pad for a supply chain attack. This malware infection exploits technical vulnerabilities and other vulnerabilities in the supply chain.

Software vulnerabilities

There is no perfect program. Manufacturers test their products extensively, but there is no absolute guarantee of safety. Cyber ​​criminals look for vulnerabilities that they can exploit with their tools. Often, they only need temporary flaws that they can use for zero-day exploits, such as processing and running updates. We saw an example of this last January when the Okta authentication service was attacked by the Lapsus$ hacker group. Attackers exploited a vulnerability in Sitel, one of Okta’s service providers. They used dedicated remote maintenance software by logging into an employee’s laptop, and not revealing themselves to the public until two months later. This example clearly shows how long hackers can go unnoticed in systems and how quickly – and at scale – malware can spread through supply chains.

Social engineering

Not only technology is being tested, people are also being tested by cyber criminals. Using social engineering, hackers play on human characteristics such as trust and fear. Victims reveal confidential information, disable security features, or allow themselves to be tempted to install malware. There are different types of social engineering attacks, such as phishing or phishing (phishing via SMS or other messages). Users are often more careless with SMS and respond to them faster than emails. Last July, for example, attackers tried to trick Christine Lagarde, the president of the European Central Bank, into revealing her verification code for WhatsApp. To do this, they used the real mobile phone number of former German Chancellor Angela Merkel – but no one knows how cybercriminals got their hands on it. Fortunately, Lagarde was skeptical and called Merkel to ask about the letter, and the danger was averted.

Brute force attacks

Cybercriminals also use so-called brute force attacks to get their hands on sensitive data, such as internal credentials. These attacks are based on trial and error, with cybercriminals testing a variety of methods to guess the employee’s password. For this they use tools that automatically test all possible combinations. Once they successfully crack the right combination, it becomes easy for criminals to infect corporate systems with malware.

The role of awareness in preventing supply chain attacks

All of these attack methods show that vulnerabilities and vulnerabilities can have devastating consequences for organizations. Dr. Niklas Hellemann, CEO of SoSafe: “Despite, or perhaps because many of today’s technical security systems are in use, cybercriminals are becoming more persistent in their attempts to gain access to systems through humans. After all, people are always vulnerable to one thing: manipulation emotional.”

This underscores the importance of further integrating employees into coherent cyber security strategies, so that the risk of further cyber-attack chains can be mitigated. Hellemann: “Employees must be vigilant and aware of attackers’ tactics. But a simple explanation on paper or training is not enough, because passive knowledge is rarely applied and difficult to remember. Active knowledge is applied and reflected in security behavior. This is possible with modern security awareness training Practical exercises, concept training and realistic simulations The focus should always be on the needs of the student This is why using behavioral science and learning psychology is essential Gamification, for example, is very effective and increases user activation by 54 percent. When employees learn through simulations what to do in an emergency, they also know how to deal with it in real life.Cyber ​​risks can be reduced by up to 90 percent. With this kind of systematic and individual training measure, awareness is a huge step in The right direction is cyber security for the entire organization.”

Leave a Comment