Supply Chain Cybersecurity Risk is Shaping Up to be the Story of 2021
In this series, we’ll be digging deeper into a few of the standout security findings of our annual analysis of the data breach landscape, The Global Year in Breach, 2021 Edition. While phishing was the biggest cybercrime story overall in 2020 (you really can’t beat that 667% increase), another player entered the game in late 2020: third party and supply chain risk. In the wake of massive security breaches at business service providers like SolarWinds, Microsoft, Blackbaud and Accellion, many organizations learned the hard way that the cybersecurity woes of the companies they do business with are their woes too, shining a spotlight on third party and supply chain cybersecurity risk.
More Data = More Danger
A cycle that many experts have been warning about has kicked into high gear in 2021: increasing third party and supply chain related cybercrime. Years of data breaches have provided cybercriminals with abundant fuel for cyberattacks ranging from business email compromise to credential stuffing. A booming cybercrime-as-a-service gig economy is also enabling growth for dark web operations from targeted database hacking to outsourced phishing operations. Add in the vast amount of information that bad actors have to choose from in crafting their operations (22 million new records landed on the dark web in 2020), and you’ve got a nasty stew that’s very appetizing to cybercriminals, but very bad for businesses. Over 90% of US businesses experienced a cybersecurity incident like a data breach in 2020 because of a third party or supply chain fault, and worldwide more than 60% of data breaches were the result of exposure through a third party.
Twice in 2020, giant data breaches at service providers brought home the risk and devastating consequences of doing business in the modern world. A reduction in workforces brought about by years of paring down budgets through outsourcing set organizations around the world up for cybersecurity disasters that they never saw coming in 2020. Reliance on third party service providers and specialty suppliers may be a great way to run a lean organization, but it’s also a great way to put your business in a position where one phishing attack or ransomware incident at a business that serves yours becomes a disaster that directly harms your company. Third party and supply chain risk has gone from being a problem that your company could face to a problem that companies are facing right now.
Third Party and Supply Chain Cybersecurity Risk Leveled Up in 2020
No discussion of supply chain and third party risk can be complete without a mention of the massive, messy disaster that was the Blackbaud breach in mid-2020. The impact from that incident is still being uncovered nearly half a year later. Multiple class-action lawsuits have been filed in US courts, this incident has now become the largest healthcare data breach in US history, and further legal and regulatory action is expected against the company around the world. The ripples just kept going as every week generated another round of hospital fundraisers, charitable organizations, university foundations, historic trusts and other non-profits, as well as hospitals and other businesses, that had been impacted by the epic data breach at data processing giant Blackbaud. All told, experts estimate that more than 200 organizations in the US, Canada and Europe found themselves embroiled in a cybersecurity nightmare because of Blackbaud’s security failure.
The final major third party data breach in 2020 pointed us at what to expect in that threat landscape in the future: nation-state hackers attempting to gain access to national security targets through third party and supply chain outlets. Discovered by researchers at security giant FireEye, a massive data and systems breach incident at SolarWinds exposed just how weak some Federal and military cybersecurity processes really are, and exactly how dangerous that can be. The US Department of Homeland Security, the US Department of State, the National Institutes of Health, the US Department of Commerce, the US Department of the Treasury and a score of other agencies found themselves scrambling to investigate and contain an incursion by Russian threat actors, likely GRU operatives and cybercriminals from the notorious Cozy Bear group. The hackers were initially able to penetrate security at SolarWinds through a suspected phishing incident and quietly slip snippets of malware code into a routine update to the company’s Orion software, commonly used for monitoring by government agencies, Fortune 500 companies, and other heavyweight organizations with intense security needs. That bit of code created back doors at these organizations that were open for months, allowing the threat actors to dip into those organizations and traverse their IT environments freely, with disastrous results.
The Hits Keep On Coming in 2021
Microsoft has come into the spotlight recently as the next big source of third party risk for companies because of a flaw in the code of on-premises Exchange server software that created openings for bad actors to slip through, in this case suspected Chinese nation-state threat actors. An estimated 30,000 organizations in the United States and 60,000 systems in Germany, including a significant number of small businesses, towns, cities and local governments, are likely victims. Researchers have identified at least 10 hacking groups exploiting this flaw, and the fallout is set to continue into the coming months.
Right now, as the Accellion data breach saga continues to unfold, companies keep finding themselves hit by unexpected hacking and malware incidents. Bad actors, in this case the Clop ransomware gang, were able to obtain the information or credentials they needed to conduct ransomware operations against the organizations that the file sharing and cloud collaboration company served, with devastating results. In one week, Clop was able to inject their ransomware directly into 5 major US universities and several companies including Royal Dutch Shell, all because of back doors and information that they gained by cracking open the files at Accellion.
Don’t Wait to Take Action
Third party and supply chain risk stole the show for parts of 2020, and the epic breaches at Blackbaud and SolarWinds perfectly exemplified the intertwined nature of today’s businesses and today’s risk. Microsoft’s Exchange server woes in 2021 offer a glimpse into the volatile and tumultuous future of this growing menace. Supply chain and third-party-related cyberattacks are expected to cause $6 trillion worth of damage in 2021. Companies must take precautions against the impact of a third party data breach by adding smart security solutions that can stymie the most likely avenues of attack from that vector.
- Add Passly and start using multifactor authentication, the expert-recommended mitigation against all forms of cyber risk that can stop 99% of password-related cybercrime all by itself.
- Use the newly revamped BullPhish ID to frequently refresh your phishing resistance training so staff can spot and stop phishing attacks, which make up more than 80% of cybercrime.
- Hackers can quickly get their hands on credentials that your staff have reused in other business or personal accounts in dark web data markets and dumps, but that threat can be mitigated with Dark Web ID.
- Consider the benefits of reinforcing that training with a solution that catches and quarantines 40% more phishing threats than competing types of email security: automated anti-phishing email security from Graphus.
Contact the experts at ID Agent today for a personalized assessment of how our solutions can benefit your business and help you protect essential systems and data from the rising tide of third party and supply chain cybersecurity risk.