Federal Nation-State Attack Shows Supply Chain Risk Danger
Every Business Needs to Take Precautions Against Supply Chain Risk
While there have been many lessons to learn from the massive cybersecurity disaster that the US Federal government experienced this week, one important lesson that every organization should take away from this is the often-overlooked danger of supply chain risk. No business is an island. If you’ve got suppliers, vendors or service providers for your business, you’ve got supply chain risk – and you need to take precautions to mitigate it.
Are you ready to fight back against cybercrime? See where 2021’s threats are coming from and what’s next. DOWNLOAD THE REPORT>>
Extending Trust Means Increasing Risk
This week’s incident is a great cautionary tale to remember when considering the implications of supply chain risk to your company’s cybersecurity. Just like most organizations, the US federal government utilizes a variety of vendors for specialty services. From operating coffee stands to supplying security solutions, they do business with thousands of vendors who directly interact with federal facilities and equipment. Each of those vendors represents a potential security threat.
Extending trust to vendors is part and parcel of doing business. After all, you wouldn’t have chosen to develop relationships with these companies if you didn’t trust them to take care of a specialty service that’s outside of your business’ wheelhouse. However, you’re also giving them sensitive information about your business or access to critical systems to provide these services, and that exposes those things to additional risk.
Cybercriminals Will Find Your Defensive Gaps
In December 2020 the true impact of a massive, precisely targeted nation-state attack was felt by the United States government and many large corporations in the wake of a breach at cybersecurity software giant SolarWinds. A messy tangle of back doors, fake patches, malicious code, email compromise, phishing, and more was unraveled exposing the alarming fact that likely Russia-sponsored nation-state hackers had been inside US government and defense agency systems for months, accessing all sorts of information. The same group of hackers was also linked to attacks at Microsoft, Cisco, FireEye, and more major tech players.
Supply chain risk has become an issue that threatens every organization in every sector. Through the BlackBaud breach in 2020, hundreds of non-profit organizations experienced data exposure because of a hack at a trusted vendor. Unlike this incident, the cybercriminals involved stole data about those organizations from BlackBaud instead of gaining access to the affected organizations’ systems. That’s also an important risk to keep on your radar. As the Dark Web economy continues to grow in a market that’s hungry for data, ransomware and other data-stealing attacks are growing as well to keep feeding that demand.
The federal government was reminded of this issue in a hard lesson that serves as a great example of the potential repercussions of how even sophisticated defenses can be subject to defeat from supply chain risk. Nation-state hackers didn’t gain entry to federal agencies and systems by hacking in directly. Instead, they used a back door opened through a patch from a federal government supplier, SolarWinds. That then enabled the hackers to continue using this unassuming beachhead to fly under the radar and wend their way into all sorts of other places for months while escaping detection.
These nation-state hackers made a smart choice when it came to finding a simple, effective, devastating way to penetrate some of the world’s most critical environments: exploiting boring, routine maintenance. By sneaking malicious code into a seemingly routine software update, nation-state hackers were able to piggyback on the access that the federal government had given to a trusted vendor to do their dirty work – and similar damage from supply chain risk could happen to your business too.
10 Facts to Remember About Nation-State Cybercrime
Keep these facts in mind as you explore the danger that nation-state hackers could pose to your business:
- Over 90% of security alerts released by Microsoft about nation-state cyberattacks in 2020 warned of danger against non-governmental or infrastructure targets.
- Just over 60% of nation-state activity zeroed in on IT organizations.
- The next most common targets were commercial facilities, critical manufacturing, financial services, and the defense industrial base.
- Over a dozen states that are ranked by international relations experts as hostile to the United States and its allies are actively involved in launching offensive nation-state sponsored cyberattacks.
- Ransomware is the most commonly used tool✎ EditSign of nation-state cybercriminals.✎ EditSign
- The first half of 2020 saw 41,000 intrusions, a higher figure than the 35,000 detected during all of 2019, according to researchers.
- Interpol detected about 907,000 spam messages, 737 malware-related incidents, and 48,000 malicious URLs featuring COVID-19 honeypots traced to nation-state hacking groups.
- 52% of nation-state hacking incidents between July 2019 and June 2020 related to Russian hackers, with 25% traced to Iran, 12% to China, and the rest tied to North Korea and other smaller players.
- 25% of data breaches in the last 12 months have been tied to espionage.
- 36% of companies in North America reported nation-state threats in 2020
Limit Risk and Minimize Danger Fast
Entirely eliminating danger to your business from supply chain risk isn’t possible, but you can take several steps to mitigate it, reducing the chance of a cybersecurity disaster like a data breach at one of your vendors or service providers from becoming your problem too.
- Add secure identity and access management immediately. If you’re not already using Passly to secure the access points to your systems and data, you’re failing to do the easiest thing that you can do to protect your business from incursions. SEE VIDEO OF THE VALUE OF PASSLY>>
- Start using multifactor authentication now. This simple tool, included with Passly, puts a roadblock between bad actors and your systems and data because even if they do manage to snatch credentials to attempt entry, they still need a second identifier to unlock the door.
- Embrace single sign-on. Personalized LaunchPads for every user with Passly eliminates multiple IT problems at once. Not only does it reduce the burden on your IT staff from constant password and access resets, but it also gives them a quick, easy way to quarantine and remove access from a compromised user account.
- Use Dark Web monitoring to gain an advantage. With Dark Web ID, you’re putting a guardian on the job 24/7/365 to monitor that Dark Web for your company’s credentials and alert you if they appear in a Dark Web market or dump, enabling your IT team to act before the bad guys do. SEE VIDEO OF DARK WEB ID AT WORK NOW>>
- Upgrade and update security awareness training. Make sure that your staff is always looking for red flags like unexpected email activity or suspicious password reset requests with security awareness training that’s refreshed at least quarterly. BullPhish ID provides easy-to-understand security awareness and phishing resistance training that keeps your staff up to date on the latest threats. SEE VIDEO OF BULLPHISH ID IN ACTION>>
While your budget may be tight in a challenging economy, the damage that could be caused to your business by supply chain risk could be devastating. Contact the experts at ID Agent today for an assessment of your business risk and how our solutions can help you secure your systems and data at a price you’ll love.
Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!
Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>
See Graphus in action in an on-demand video demo WATCH NOW>>
Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!