Please fill in the form below to subscribe to our blog

Supply Chain Risk for Ransomware Haunts Half of Businesses

April 06, 2023

Organizations no longer underestimate the importance of cybersecurity and investing in strong solutions. However, the advent of robust security protection has given impetus to an increase in supply chain attacks. These attacks occur when cybercriminals infiltrate an organization’s system through an outside partner or provider with access to their systems and data – 90% of global IT leaders believe their partners and customers are making their own organization a more attractive target for cyberattacks like ransomware. While supply chain attacks have been around for over a decade, they’ve gained steam in the last two years (especially ransomware incidents) as threat actors have shifted their focus toward suppliers. 

Get the scoop on 5 of the worst email-based attacks plus tips to protect businesses from them. GET INFOGRAPHIC>>

Why attack the supply chain?

The prime motive of cybercriminals is always to make money. In a supply chain attack, bad actors look to hurt a service provider or supplier and harm the clients who use the services or products of the affected supplier. Considering the fact that a supplier has many clients, the cascading effects from a single attack may have widespread repercussions. However, even though over half (52%) of global organizations know a partner that has been affected by ransomware, many businesses aren’t doing anything to improve the security of their supply chain or mitigate the ransomware risk heading their way from suppliers and service providers.

One big reason that bad actors pursue supply chain attacks is that they think that the security at SMBs may be less stringent than the cyber defense of larger, better-resourced organizations. For example, Target experienced a massive data breach after cybercriminals gained access to the systems of its HVAC service provider and leveraged it to enter Target’s environment. As the previously cited report shows, SMBs serve as critical linchpins in the supply chain, forming 52% of the suppliers and service providers that businesses rely on every day. That gives bad actors many opportunities to worm their way into another company through its supply chain.

How much is data really worth on the dark web? Find out in The IT Professionals Guide to the Dark Web! GET EBOOK>>

Common techniques used to compromise a supply chain

Every business relies on suppliers and service providers, so every organization could be vulnerable to a supply chain attack even when its own defenses are good. While no two cyberattacks are really the same, these characteristics are common in supply chain attacks.

Malware Infection: Cybercriminals use malware in the form of spyware, viruses, worms and Trojan horses to gain access to a supplier’s systems. Once they have access to the systems, they modify the third-party code sources their target customers use to gain entry into their systems. Threat actors primarily use phishing emails to inject malware. 

Social engineering: Social engineering is another technique that starts with a phishing email. In this technique, cybercriminals use evasive social engineering lures to trick users into divulging their credentials, like usernames and passwords. Once they get hold of the credential data, they sneak not the company’s system and launch the attack.  

Software vulnerability: Unpatched software is the easiest target for adversaries to breach an organization’s systems. Attacks due to software vulnerabilities are insidious because they erode consumer confidence in software providers on whom organizations depend for security updates.

Brute force attacks: In brute force attacks, cybercriminals use trial and error hacking methods to crack passwords, login credentials, and encryption keys. It is a common technique to gain unauthorized access to user credentials and organizations’ systems and networks.

See how Managed SOC gives businesses an essential edge against cyberattacks. DOWNLOAD INFO SHEET>>

These 3 industries are especially vulnerable to supply chain attacks

Although any organization that shares data with third-party vendors or suppliers is at risk of supply chain attacks, some industries are constantly on cybercriminals’ radars. Here are some of the industries that are continually affected by supply chain attacks.

Healthcare: Healthcare is the worst-hit industry for supply chain cyberattacks. In fact, ninety percent of the 10 largest healthcare data breaches reported in 2022 were caused by third-party vendors. An instance is the ransomware attack on printing and mailing vendor OneTouchPoint that impacted more than 30 health plans and a total of 4.11 million individuals. Aetna ACE was among the hardest hit by this supply chain attack, impacting 326,278 patients. 

Finance and insurance: Financial and insurance institutions are a prime target for supply chain attacks as they deal with what attackers want most — money and personal information. Although the financial industry adheres to strict data privacy measures and employs robust security tools, they are attacked by cybercriminals through their vendors and suppliers, who sometimes lack adequate security posture. 

Manufacturing: The supply chain disruption due to the pandemic has also spurred the growth of supply chain attacks on the manufacturing industry. According to IBM’s X-Force Threat Intelligence Index 2022 manufacturing was the most attacked industry in North America with 28% of all attacks X-Force handled coming from the manufacturing industry. While finance and insurance topped the charts in the past, the manufacturing industry unseated them as the most attacked industry for the first time in five years. Besides, with the growth of smart factories, the risk of supply chain attacks is likely to worsen in the coming years.

Get tips & advice to help you build a smart incident response plan in our guide. GET YOUR GUIDE>>

Get expert help to mitigate this risk with Kaseya’s Managed SOC

The efforts required to mitigate and eliminate supply chain attacks are daunting. The fact that more than two organizations are affected, and most likely the use of sophisticated attack vectors, complicates the handling of an incident. Kaseya’s Managed SOC protects your organization against supply chain attacks by monitoring your network around the clock for any suspicious activities. It puts the power of years of expertise at your fingertips without breaking the bank. Stop advanced threats with Kaseya’s Managed SOC — a world-class MDR solution that offers an innovative, affordable and effective way to power up your security.  

By partnering with us, you can gain access to an elite team of cybersecurity veterans that will help you hunt for threats like supply chain risk and triage them. They will be available 24/7/365 to dive in immediately and work with your team when actionable threats are discovered.  

Kaseya’s Managed SOC includes:  

  • Continuous monitoring: Round-the-clock protection with real-time advanced threat detection.  
  • Expertise on-demand: Get the cybersecurity expertise you need to keep your organization out of trouble without adding to your headcount.
  • Breach detection: Thwart sophisticated and advanced threats that bypass traditional AV and perimeter security solutions.  
  • Threat hunting: Focus on other pressing matters while an elite cybersecurity team proactively hunts for malicious activities. 
  • No hardware requirements: Patent-pending, cloud-based technology eliminates the need for costly and complex on-premises hardware. 

Learn more about Managed SOC

dark web threats

Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>

let us help secure you against passwords reuse with contact information and the ID Agent logo on grey.

Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!


Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>

See Graphus in action in an on-demand video demo WATCH NOW>>

Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!