Supply chain cyber attacks come in various forms, from brute force attacks to phishing schemes to employee sabotage, but increasingly, one particular type of malicious behavior has become a weapon of choice among bad actors: ransomware.
Ransomware incidents block or limit victims' access to their networks until a ransom is paid to the attackers.
Ransomware attacks have been on the rise for several years running, but the supply chain sector is at particular risk when it comes to the impact of these incidents. In fact, more than half of global organizations have had a supply chain organization hit by ransomware, according to Trend Micro. And research by Sapio Research reveals that almost 80% of global IT leaders believe their partners and customers are making their own organization more attractive to ransomware attackers.
It’s these “downstream” ransomware supply chain attacks that should have the industry worried. For example, a 2021 attack on an IT management software provider compromised hundreds of managed service providers and thousands of their downstream customers. That’s a real problem when, according to Trend Micro, only 47% of such organizations share knowledge about ransomware attacks with their suppliers. Another quarter said they don’t share potentially useful threat information with business partners.
So, how can a company reliant on a supply chain model protect itself when hackers target third-party vendors or suppliers to gain access to their networks and systems? Organizations generally have little control over the security postures of their vendors and suppliers, but there are a few steps companies can take to shield themselves from supply chain attacks, including:
- Conduct routine risk assessments. Spend time identifying and assessing each vendor and supplier. Criteria should include the provider’s stated policy related to cybersecurity and details outlined in contractual agreements on this front. Suppliers and vendors unwilling to share details about how they prevent and mitigate cyber attacks are likely a higher risk than those with comprehensive plans that cover their business dealings.
- Craft incident response plans. Be prepared in the event of a supply chain attack by identifying backup providers, regularly backing up key data, and creating a plan for quickly communicating information and next steps to internal and external stakeholders.
- Educate employees. Often, ransomware attackers trick employees through phishing tactics and other phone or email-based scams. Appoint someone at the company as a single source of truth for dealing with specific changes, such as large financial transaction details.
- Monitor vendor and supplier security approaches. One way to approach this is at contract negotiation time. Make it a requirement that third-party partners keep your organization apprised of their security posture. This could mean a requirement to notify you if a partner experiences a cybersecurity breach, even if it doesn’t impact you directly.
- Invest in AI-based solutions that can detect novel attacks. Consider investing in a platform that leverages self-supervised AI for threat detection. These solutions can provide comprehensive coverage of both known and novel attacks (like zero-day attacks) where other ransomware protections can’t.
Supply chain cyber attacks and ransomware attacks against supply chains are a rising threat, but organizations that take a proactive, head-on approach can greatly reduce the chance of these attacks and lessen their impact when they do occur. Taking steps like running routine risk assessments, investing in modern cybersecurity solutions designed to combat ransomware, and establishing incident response plans can make all the difference.
*** This is a Security Bloggers Network syndicated blog from MixMode authored by Christian Wiens. Read the original post at: https://mixmode.ai/blog/ransomware-and-supply-chain-attacks-how-to-protect-your-business-from-the-rising-threat-of-third-party-attacks/