60. Understanding and Mitigating Supply Chain Attacks
Introduction
Understanding and mitigating Supply Chain Attacks (SCAs) is a crucial element of cybersecurity strategy. With the increase in digital dependencies and interconnectivity, the modern supply chain has become increasingly complex, escalating the risk of cyberattacks.
In cybersecurity parlance, a Supply Chain Attack is an attack method that targets less secure elements in an organisation’s supply chain. The Australian Cyber Security Centre defines SCAs as “a cyber-attack that seeks to damage an organisation by targeting less-secure elements in the supply chain.” [1]
Understanding Supply Chain Attacks
Supply chain attacks involve the manipulation of normal business processes and/or systems. This can be done by infiltrating legitimate software development and distribution processes, by modifying hardware or software at the manufacturing stage, or through unauthenticated hardware or firmware on devices.
A classic example of a Supply Chain Attack is the infamous 2013 Target hack, where cybercriminals infiltrated the retail giant’s systems via one of its suppliers. Another notorious example is the SolarWinds attack, which compromised the software update process. [2]
Best Practices in Mitigating Supply Chain Attacks
Mitigating Supply Chain Attacks requires a multifaceted approach built on an organisation-wide view of cybersecurity. Key considerations must be made across various fronts:
1. Risk Assessment: It’s important to conduct regular, thorough risk assessments of your supply chain to identify potential vulnerabilities. Use these assessments to document and gain a thorough understanding of every element of your supply chain, from your suppliers to the software used in your business operations.
2. Supplier Assurance: Manage suppliers carefully, ensuring they meet stringent security standards. It’s also vital to understand the cybersecurity measures they adopt and the pertinent actions to be taken should a breach occur.
3. Security by Design: Security must be integrated into your software creation methodology to counter threats from the onset. This concept, known as security by design, encompasses all aspects of the software, from the first line of code to the distribution process.
4. Employee Training and Awareness: Encourage a security-based mindset among your employees. Regular training and forging a culture of vigilance can significantly reduce the risk of inadvertent security lapses.
5. Incident Response Planning: Virtually no organisation is immune to supply chain attacks. Therefore, having robust Incident Response (IR) plans can significantly reduce the impact of such events when they do occur.
6. Cybersecurity Technology: Up-to-date, multi-layered cybersecurity technology is a straightforward, yet crucial, step in protecting your business from SCAs. It’s always recommended to combine several tools that provide protection at different layers.
7. Regular Software Updates: Regular software updates are key to ensuring optimal security against SCAs. Such updates frequently contain patches that fix identified vulnerabilities in older versions.
Resilience against Supply Chain Attacks is a product of proactive security policies and practices. While mitigating these attacks is complex, understanding them is the first step towards crafting an effective defence strategy. Every organisation should be aware of its supply chain connections and potential risks to ensure its operations are secure from cyber threats.
References:
[1] Australian Cyber Security Centre. Supply Chain Security. [Online Link]
[2] Cybersecurity & Infrastructure Security Agency. SUNBURST and SUPERNOVA Malware. [Online Link]