Supply chain attacks are causing businesses to rethink cyber security

March 6, 2019 Hazel Burton

When hackers target a supply chain, any weak links could be a point of entry. Just one vulnerability in one organisation could bring the whole chain crashing down. Discover how these attacks work and how to protect your business and your customers.

If you had to name the organisations that you could trust to keep your business-critical information safe, your suppliers would probably be high on that list. But, thanks to a growing type of cyber attack, your supply chain could be an open backdoor that lets hackers into your network.

What’s a supply-chain attack?

Supply-chain attacks are when hackers exploit security weaknesses in one system or company to gain access to another organisation that buys its products. For example, a hacker could hide malware in a software update that is then automatically distributed from an unknowing supplier to thousands – even millions – of trusting customers.

A growing cyber security threat

In 2017, a malicious backdoor was discovered within the security tool CCleaner, which was used to deliver malware to selected targets who had installed the otherwise legitimate tool. The distribution method was similar to that of Nyetya (NotPetya), which used the legitimate update mechanism of the MeDoc financial software to install and distribute wiper malware.

These types of attack are on the rise. According to a November 2018 study by Opus & Ponemon Institute, 59 percent of companies in the US and UK said they had experienced a data breach caused by one of their vendors or third parties.

It’s a major concern – not least because it goes against everything we thought we knew about trust and cyber security. Speaking about the CCleaner incident, Craig Williams from Cisco Talos said:

“These kinds of supply-chain attacks are especially insidious because they violate every basic mantra of computer security for consumers, potentially leaving those who stick to known, trusted sources of software just as vulnerable as those who click and install more promiscuously.”

Protecting your business against supply-chain attacks

Protecting against supply-chain attacks is vital for both vendors and customers. Whether you’re buying or selling technology, you need to ensure that you’re not the weak link in the chain. 

Endpoint protection – securing your own and your employees’ laptops, tablets and work phones – is a crucial first step. The Cisco Talos researchers discovered the CCleaner attack while testing the company’s new exploit-detection technology for a customer. The rogue file gave itself away because it kept triggering the Cisco Advanced Malware Protection systems.

Using your network itself to detect anomalies provides another layer of defence. Tools like Cisco Umbrella have data analysis systems and threat intelligence integration which can block common malware methods. These include domain generation algorithms, which an infected computer uses to create domains that it then contacts to receive its commands. If you’re new to network security, we’ve produced a simple checklist for SMBs which covers the basics.
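A domain generation algorithm leaves a recognisable trace in DNS resolver logs: one client asking for many random-looking names, most of which do not exist. The Python below is an added example, not code from the original article or from Cisco; the log format, addresses, domains and thresholds are constructed assumptions, and the length/entropy/vowel scoring is a simple heuristic, not a description of how Cisco Umbrella works.

```python
import math
from collections import Counter, defaultdict

# Constructed sample resolver log: "<time> <client> <qname> <rcode>".
# All addresses and domain names below are made up for illustration.
SAMPLE_LOG = """\
09:00:01 10.0.0.5 www.example.com NOERROR
09:00:02 10.0.0.7 xkqjzvwpbhtr.example NXDOMAIN
09:00:03 10.0.0.7 qzmvhxkwjrtp.example NXDOMAIN
09:00:04 10.0.0.7 pwzkxqvbnmtj.example NXDOMAIN
09:00:05 10.0.0.5 intranet.example.org NXDOMAIN
09:00:06 10.0.0.7 vbkqxzjwhmrp.example NOERROR
09:00:07 10.0.0.5 mail.example.com NOERROR
"""

def shannon_entropy(s):
    """Bits per character of the string's character distribution."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def looks_generated(qname, min_len=10, min_entropy=3.0, max_vowel_ratio=0.2):
    """Heuristic: a long, high-entropy, vowel-poor label under the TLD."""
    labels = qname.lower().rstrip(".").split(".")
    # Naive choice of the registrable label; ignores suffixes such as co.uk.
    label = labels[-2] if len(labels) >= 2 else labels[0]
    if len(label) < min_len:
        return False
    vowel_ratio = sum(c in "aeiou" for c in label) / len(label)
    return shannon_entropy(label) >= min_entropy and vowel_ratio <= max_vowel_ratio

def suspect_clients(log_text, min_failed=3):
    """Clients with >= min_failed distinct generated-looking NXDOMAIN lookups."""
    failed, resolved = defaultdict(set), defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        _, client, qname, rcode = parts
        if not looks_generated(qname):
            continue
        (failed if rcode == "NXDOMAIN" else resolved)[client].add(qname)
    return {
        c: {"failed": sorted(names), "resolved": sorted(resolved[c])}
        for c, names in failed.items() if len(names) >= min_failed
    }

if __name__ == "__main__":
    for client, hits in suspect_clients(SAMPLE_LOG).items():
        print(client, hits)
```

The "resolved" list is the part worth an analyst's attention first: a generated-looking name that did resolve, from a client that failed on several others, is a candidate for blocking and for investigating that endpoint.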

Get a 14-day free trial of Cisco Umbrella.

Protecting the integrity of your product – including any open-source components or off-the-shelf modules you include in it – should be as central to your development process as design and testing. The Register reported that in the twelve months leading up to September 2018, the use of compromised open source components was up 120 per cent. Hackers have even started inserting vulnerabilities directly into the code in the hope they will make it into released software.

The UK National Cyber Security Centre has produced a guide to supply-chain security, which goes into more detail about the steps you can take and covers types of attack beyond those covered in this article.

You can also use our network security checklist for SMBs to get up to speed on the basics of protecting your business from online threats.




About the Author

Hazel Burton

I'm the Marketing Storyteller for IT Security for Cisco's UK & Ireland region. That means I spend most of my time researching what those dastardly hackers are up to, and I also have a lot of conversations with my much cleverer research colleagues, in order to create content which seeks to inform people about the current threat landscape against businesses. IT Security is a subject I'm immensely passionate about, and what's most important to me is helping customers protect their livelihoods, and educating users not to leave the back door open. Outside of Cisco a big part of my life is improvisational comedy - I participate in weekly workshops at The Improvisation Foundation and perform on stage with my lovely fellow workshoppers once a month. Other than that I'm a big nerd when it comes to movies, as my blogs will no doubt unveil.
