Why Software Supply Chain Attacks Keep Catching Security Teams Off Guard

Software supply chain attacks continue to rise. The damage they can do to a product, a business, and a brand is hard to measure and must be avoided.
A study by IBM found that the average security breach costs a global business $4.4 million. Now imagine that the breach had been hidden in a product the company itself supplied, infecting its customers without their knowledge. That is the reality of a modern supply chain attack. These threats keep catching security teams off guard and must be tackled head-on.
What Is a Software Supply Chain Attack?
A software supply chain attack is a specific type of digital intrusion. It targets the applications and software used by business-to-business companies, often because of the more lucrative data they carry. Attackers look for unsecured network protocols and use them to hide malware or alter source code.
What makes these attacks really dangerous is that the malware is embedded in the software that ships to buyers and consumers. When users grant permissions to the app, they grant them to the malware as well, without realizing it.
For a business, the damage is obvious. It has just supplied customers with a product that is infected with malware. Not only does this take a long time to untangle technically, but it also leaves the business in a precarious legal position. It can also be extremely damaging to brand reputation, and if the attack is large enough, some businesses may never recover from it.
Recent Examples
One of the most recent examples was an attack on the refresh tokens issued to allow Drift integrations. Drift is a tool used to link marketing platforms to other tools, such as a website or a CRM. The stolen tokens allowed the actors to infiltrate over 700 organizations, reaching their email, cloud environments, and more.
What made this more astounding was that no malware was used at all. The attackers worked through a simple integration with a trusted software system, which let them take the data quietly and without a fuss. This shows that even trusted applications need constant and robust oversight when it comes to the supply chain. Keeping up to date with software supply chain news can prove helpful here, informing people about the threats and changes afoot in the supply chain network.
How Do Supply Chain Attacks Take Place?
There are various ways that supply chain attacks are conducted, allowing hackers to gain access to software. The most obvious of these is social engineering. This is when the accounts of people working at the company are accessed, either by impersonating colleagues or clients, or through phishing emails. Credential-based hacking is another type of identity theft: personal information such as usernames, passwords, and other details is stolen and used to gain access to accounts.
Finding vulnerable build tools is another method. A vulnerable build tool is a software development tool with security flaws or outdated components. It allows hackers to inject malicious code at the source, as a product is being built with it, kick-starting the supply chain attack.
Preventing Supply Chain Attacks
Start by assessing the risks within your supply chain. Every supply chain and company carries a different level of risk. For example, those with access to more sensitive information are more likely to be targeted. Therefore, you must assess whether your business and IP are attractive to interference, and by how much. People working with government agencies, for example, face extremely high threat levels.
From here, ensure that you have basic security protocols in place. This is easily overlooked. It includes conducting vulnerability scans, applying updates, bringing in firewalls, and using encryption. Even overlooking small areas can be disastrous.
Once you have your own house in order, start to look at those you work with. Are these people also following secure practices? You can check by delving into their website and reading their terms and conditions. Don’t be afraid to ask them outright if you have any queries regarding security. Question the checks and processes they have in place. Doing this in conjunction with your legal team will make sure they are abiding by the terms of the contract and not cutting corners.
Even with all this, supply chain attacks are so common that many companies are putting in place methods to deal with them when they do occur. This is astute and provides an end-to-end approach, prevention plus remedy, if the worst comes to the worst. As well as prevention, you should also consider how to limit the damage should this happen to you.
Author Emma Clarke
Emma Clarke is a skilled writer with experience across technology, travel, culture, and everyday lifestyle topics. She is adept at breaking down complex subjects into engaging, reader-friendly narratives. Her adaptable approach allows her to bring clarity and quality to a wide range of subjects.