In this four-part series, Systal’s SOC Analyst Abbey Adegbola delves into the adversary trends affecting the ever-evolving cybersecurity landscape. Part four looks at the use of supply chain attacks and how they have emerged over time as a favoured tactic among threat actors.
Cybersecurity is a rapidly evolving field, and staying ahead of the latest threats is vital for all security teams, organisations and individuals alike. Most organisations are focused on the continued evolution of generative AI, but there are other critical adversary trends that will be crucial in the evolving threat landscape. In my time within cybersecurity, I have never seen any technology or trend explode like generative AI, especially with the frontier models such as ChatGPT and Gemini, but there are other prevalent and critical issues in cybersecurity as threat actors continue to advance in technique and complexity.
In the last of this series of articles, we look at supply chain attacks and how they have emerged as a favoured tactic among threat actors due to their ability to cause widespread damage and significant impact by compromising a single trusted vendor.
Supply Chain Attacks
In the digital age, organisations have become increasingly interconnected, relying on a complex chain of suppliers, partners and third-party vendors to deliver products and services. While this interconnectedness has brought many positives, it has also created a fertile ground for cyber-attacks, particularly supply chain attacks, which are expected to continue to escalate in sophistication, frequency, and impact. Supply chain attacks have become a favoured tactic for threat actors, enabling them to compromise a single trusted vendor and simultaneously access multiple organisations, potentially impacting thousands or even millions of users.
As organisations in various sectors such as healthcare, information technology, energy, and transportation become increasingly reliant on digital technologies, adversaries will continue to target third-party vendors and partners in the hope that by exploiting one company, they gain access to multiple others. This highlights the importance of conducting comprehensive due diligence and ensuring robust security practices throughout the supply chain.
Attackers will keep targeting vulnerabilities in software development and distribution, using compromised updates and malicious code in open-source projects to access numerous systems. These attacks can cause widespread disruption, impacting essential services and leading to significant economic and societal harm. This has happened in recent high-profile attacks such as the MOVEit supply chain attack of June 2023 and the SolarWinds supply chain attack of late 2020.
According to CrowdStrike’s 2024 Global Threat Report, threat actors frequently seek to exploit trusted relationships to gain initial access to organisations across various industries and regions. These attacks capitalise on vendor-client connections, using two main techniques: compromising the software supply chain by deploying malicious tools through trusted software, and exploiting access to vendors providing IT services. Adversaries targeting third-party relationships are driven by the high potential return on investment (ROI), as compromising a single organisation can lead to access to hundreds or even thousands of downstream targets. These covert attacks are also more effective for attackers aiming to breach heavily secured end targets.
Protecting Your Organisation
While the threat of supply chain attacks will continue to grow, organisations can take proactive measures to mitigate risk. These involve conducting thorough vendor risk assessments, implementing strong authentication and access controls to critical systems, deploying robust threat monitoring and detection capabilities to identify potential supply chain attacks in real-time, and establishing clear procedures for responding to and recovering from supply chain attacks.
Systal’s Capabilities to Protect Organisations
It is essential for organisations of any size to have in place a robust and effective cybersecurity program that encompasses the fundamental security practices. However, many organisations find it difficult to create and maintain a robust cybersecurity program and a healthy cybersecurity culture that can keep pace with the threat landscape. Systal offers a broad range of cybersecurity services, from security operations, digital forensics and incident response to professional services that fully manage a customer’s security and protect their digital assets and environment. Our strong capabilities in continuous monitoring and managed detection and response can help organisations protect themselves against ever-evolving and sophisticated cyber threats.
Systal Operational Services offer a comprehensive framework to protect your organisation’s digital health and resilience using cutting-edge technology. With a dedicated global SOC and proven Cyber Security Incident Response Team (CSIRT), our services are meticulously designed to proactively monitor, manage, detect, respond, and remediate potential cyber threats.
At Systal, we understand that the integrity of our supply chain is paramount to both our success and the trust our clients place in us. We take the risk of supply chain compromise very seriously, and have implemented a robust, multi-layered security approach to mitigate these threats. This includes the utilisation of advanced security technologies and a rigorous auditing schedule that sees us evaluated multiple times throughout the year as part of our supply chain assurance program. Our dedication to these practices ensures we can deliver services to our customers safely and effectively, while providing them with the confidence that any risk of a supply chain compromise involving Systal is fully mitigated. We stand ready to demonstrate our commitment to supply chain security to all clients. Get in touch with our team for more information.
Abbey Adegbola is an experienced Security Engineer working with Systal Technology Solutions. Abbey brings over seven years of IT support experience and SOC analyst experience into the Security team within Systal, providing security engineering support and L3 SOC analysis services to Systal’s customers and internal Security Team. Abbey is also a skilled malware analyst and reverse engineer who works to support the capabilities of Systal’s Cyber Security and Incident Response Teams.