Supply chains facing new 'back-door' cyberattack peril
The global supply chain is facing a new form of cyberattack: the ‘hub attack’ where hackers target businesses seemingly unconnected to supply as a means of gaining back-door access to high-value supply targets.
Such companies - in fields such as insurance, credit clearing and SaaS - can provide thousands of links to potentially more-valuable suppliers and large customers, such as banks and companies in the energy and weapons sectors.
The warning comes from cybersecurity expert Shmulik Yehezkel, chief cyber operations officer at CYE, an Israel-based cyber defence company.
Yehezkel - a former Israeli special defence-forces operative - expects 2022 to see an increase in supply chain hub-attacks.
Hub companies hold valuable supplier data
“In the hub company, hackers can find valuable intelligence and information, such as how a supplier interacts with a vendor,” he warns. "This they can use to create phishing campaigns."
Phishing is a form of social engineering, where an attacker sends a fraudulent, but credible, message designed to trick people into revealing sensitive information or to download malicious software (malware).
Yehezkel adds that hub attacks are set to become hackers’ preferred approach because “they’re efficient and can provide easier avenues to bigger more well-protected targets”.
And, he adds, most hub hackers will be using commercially available tools to wage their stepping-stone cyberwar.
Supply chain hacks 'extremely dangerous'
“Supply chain attacks are extremely dangerous because once a hacker gains access to a significant software supplier they can also reach the data and code of the supplier’s subscribers and customers,” says Yehezkel.
His warning comes at a time when cyberattacks are on the rise. The first nine months of 2021 saw a 40 per cent global increase in cyberattacks than in the same period in 2020, according to data from Check Point Software Technologies, a leading network firewalls specialist.
Writing for cybersecurity website, CISO Mag, Yehezkel says supply chains have another advantage for attackers: deniability. “They can use the supply chain company as a proxy for another target.”
Another big problem is that such attacks are becoming harder to trace because many are carried out by hackers using open-source tools that are publicly available.
“This helps cover their tracks,” says Yehezkel . “It provides them a wide range of deniability, and makes it more difficult to target them with counterattacks or other forms of retaliation.”
Good IT housekeeping best defence against hackers
He also stresses that most cyberattacks are not sophisticated, and that the majority of hackers take advantage of known vulnerabilities.
His comments echo statistics released earlier this month by the British government’s National Cyber Security Centre. These show that a third of UK firms with digital supply chains are vulnerable to hackers because of a basic lack of IT housekeeping.
Echoing this, Yehezkel says: “Because the stakes of attacks are getting bigger it’s more important than ever to make sure all employees understand the value of strong passwords, that they learn how to recognize phishing attempts, and that they use multi-factor authentication.
“Sloppiness in these areas has long allowed bad actors to reach sensitive and valuable data. With the growth of hub attacks, this human factor can also result not only in severe damage to their own organization but potentially to thousands of others.
And no business is free from the risk of cyberattack, he warns: “From now on, every company - regardless of size, domain, or region of activity - is a potential target for cybercrime. No one is immune.”