Another Supply Chain Woe
October 22, 2021
When hackers working for Russian intelligence compromised updates from IT services provider SolarWinds, cybercriminals used the data to target around 100 of the company’s customers. In another less-publicized incident, a software vulnerability from a small provider was used as ammunition for a ransomware attack that affected thousands of its customers around the world. “The issue of the threat to IT service providers as part of a supply chain was clearly one of the features of the last year,” said Simon Mehdian-Staffell, UK government affairs manager at Microsoft, at a 2021 Conference discussion on the rise of state-backed cyberattacks. Big attacks like the one on SolarWinds get attention, but lower-scale, less obvious supply chain attacks are just as effective for attackers. Companies need to plan how to protect themselves if one of their IT suppliers is hacked. An obvious first step is controlling how privileged access is managed. Another is ensuring that infrastructure that doesn’t need a direct internet connection doesn’t have one.