![solarwinds supply chain attack solarwinds supply chain attack](https://panorays.com/wp-content/uploads/2020/12/Blog_-5-Key-Takeaways-from-the-SolarWinds-Supply-Chain-Attack.jpg)
information compromised in the supply chain can be just as damaging as that compromised from within the organization". The Information Security Forum explains that the risk derived from supply chain attacks is due to information sharing with suppliers, it states that "sharing information with suppliers is essential for the supply chain to function, yet it also creates risk. The threat of a supply chain attack poses a significant risk to modern day organizations and attacks are not solely limited to the information technology sector supply chain attacks affect the oil industry, large retailers, the pharmaceutical sector and virtually any industry with a complex supply network. In October 2008, European law-enforcement officials "uncovered a highly sophisticated credit-card fraud ring" that stole customer's account details by using untraceable devices inserted into credit-card readers made in China to gain access to account information and make repeated bank withdrawals and Internet purchases, amounting to an estimated $100 million in losses. ĪPT's can often gain access to sensitive information by physically tampering with the production of the product. According to an investigation produced by Verizon Enterprise, 92% of the cyber security incidents analyzed in their survey occurred among small firms. Generally, supply chain attacks on information systems begin with an advanced persistent threat (APT) that determines a member of the supply network with the weakest cyber security in order to affect the target organization. However, this article will discuss cyber attacks on physical supply networks that rely on technology hence, a supply chain attack is a method used by cyber-criminals. In 2010 when burglars gained access to the pharmaceutical giant Eli Lilly's supply warehouse, by drilling a hole in the roof and loading $80 million worth of prescription drugs into a truck, they could also have been said to carry out a supply chain attack. In a more general sense a supply chain attack may not necessarily involve electronics.
#Solarwinds supply chain attack install
Īlthough supply chain attack is a broad term without a universally agreed upon definition, in reference to cyber-security, a supply chain attack involves physically tampering with electronics (computers, ATMs, power systems, factory data networks) in order to install undetectable malware for the purpose of bringing harm to a player further down the supply chain network. A supply chain is a complex network of interconnected players governed by supply and demand. Ī basic diagram of a supply chain network, which shows how goods are moved from the raw materials stage to being acquired by the end consumer.Ī supply chain is a system of activities involved in handling, distributing, manufacturing and processing goods in order to move resources from a vendor into the hands of the final consumer. Supply chain management experts recommend strict control of an institution's supply network in order to prevent potential damage from cybercriminals. The Target security breach, Eastern European ATM malware, as well as the Stuxnet computer worm are examples of supply chain attacks.
![solarwinds supply chain attack solarwinds supply chain attack](https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2020/12/supply-chain-attack-feature.jpg)
Symantec's 2019 Internet Security Threat Report states that supply chain attacks increased by 78 percent in 2018. Cybercriminals typically tamper with the manufacturing process of a product by installing a rootkit or hardware-based spying components.
![solarwinds supply chain attack solarwinds supply chain attack](https://www.domaintools.com/assets/blog_image/sunburst-timeline.png)
A supply chain attack can occur in any industry, from the financial sector, oil industry, to a government sector. ( December 2020) ( Learn how and when to remove this template message)Ī supply chain attack is a cyber-attack that seeks to damage an organization by targeting less-secure elements in the supply chain. The references used may be made clearer with a different or consistent style of citation and footnoting. This article has an unclear citation style.