July 13, 2023
Theft in the Modern World: Get a “Hacker’s Eye View” of Supplier Cyber Risk
As a supplier risk manager, you are a pro at protecting your organization from risks in your supply base. But, if you are like most of your peers, the highest impact supply chain disruptor is slipping under your radar—the supply chain attack.
When it comes to cyber security, most large companies have the necessary protections. Multi-factor authentication and firewalls are in place. Employees are trained and regularly tested. Web traffic is monitored and locked down.
Hackers have found another path.
A supply chain attack is a cyber-attack that impacts a company by compromising the less secure systems in the company’s supplier base. If your suppliers’ systems are vulnerable, you are vulnerable.
According to a 2022 IBM study with the Ponemon Institute, data breaches originating in supply chain attacks take 235 days to identify and another 68 to contain, costing businesses on average $4.46M. These costs include lost revenue, legal and regulatory fees, remediation and response activities; however, what’s not included and perhaps unquantifiable is the diminished brand equity a business will suffer in the long term.
It begs the question: how can organizations protect themselves from supply chain cyber attacks?
Darkbeam founder and CEO, Charlie Clark, says businesses need a “hacker’s eye view” to identify existing vulnerabilities and real-time threats in order to mitigate cybersecurity attacks in their supply chains. In his recent presentation at apexanalytix’s Icon Conference, Clark shined a light on the dark underbelly of cyber crime and its detrimental effects on a business, starting with basic education on how cyber criminals operate.
In this presentation recap, you’ll learn the basics of supplier cyber risk, who the players are and how their businesses are run. A “Hacker’s Eye View” of supplier cyber risk.
What is cyber risk?
Put simply, cyber risk is the potential financial loss or reputational harm due to failure of digital technologies. It is the product of probability of a compromise (existing vulnerability x known threats) multiplied by its potential impact.
What is the dark web?
The dark web refers to a part of the internet that is not indexed by traditional search engines and requires specific software, configurations or authorization to access. It is a hidden network of websites and online platforms that cannot be easily traced or identified.
Unlike the surface web, which consists of websites accessible through regular search engines, the dark web operates on overlay networks that utilize encryption and routing protocols to ensure anonymity. These networks allow users to access websites anonymously by bouncing their internet connection through multiple servers around the world, making it difficult to trace their activities or location.
The “business” of cyber crime
Despite the “criminal” moniker tied to cybercrime, these organizations can resemble highly organized corporations. They’re led by “bosses” that employ managers, specialists and tactical workers to carry out strategic initiatives.
Just like with any business, these gangs need a wide variety of skilled people to succeed. This list represents common profiles that play critical roles in these organizations.
The Mule: opportunists that may not even realize they work for criminal gangs to launder money
The Insider: disillusioned employees operating from within their own company
The Criminal: career criminals who ‘work’ 9-5 in the digital shadows
The Nation State Actor: government employees who steal sensitive information and disrupt from within
The Activist: motivated to change the world through questionable means
What is a supply chain attack?
Some of the most common supply chain attack types include:
- Software: attackers compromise the development process with malicious code or backdoors into legitimate software components
- Hardware: the tampering of physical components or devices during manufacturing, assembly or distribution
- Malware: legitimate files or applications are injected with malware through software updates or malicious links and attachments in email communications
- Third-party: suppliers are targeted to gain access to the systems connected to organizations in the upstream of a supply chain
- Insider: individuals with authorized access intentionally misuse their privileges or share sensitive information with threat actors
How does a supply chain attack happen?
Experienced cyber criminals typically take the path of least resistance, targeting vulnerabilities exposed within deeper tiers of the supply chain. The compromise can be initiated through various methods, such as phishing or social engineering, where weak links are identified. With this access, the attacker could move laterally across internal systems, establishing a stronger foothold and increasing their chances of reaching the target organization.
Once inside a third-party supplier’s system, the attacker can disrupt operations, steal sensitive information or inject malicious software…all while remaining undetected. The impact can be extensive, affecting not only the target organization, but also the supply chains of each interconnected third party.
Cyber Risk is Business Risk
The consequences of a supply chain attack can be crippling for any business. In addition to potentially devastating financial losses, the risk of reputational damage, legal liabilities and compromised data is enough to keep any CEO up at night.
Comprehensive risk management requires a proactive—not reactive–approach when incorporating supplier cyber risk. This involves identifying vulnerabilities, assessing risk tolerance and monitoring threats in conjunction with other operational, financial and strategic risks management practices.
Take control of cyber risk in your supply chain
Remember, knowledge is power, but action is crucial. Take the insights gained from Darkbeam’s presentation and apply them today to protect your organization from the destructive effects of a supply chain attack.
Predict, prevent and detect with Darkbeam
Darkbeam is a cyber vulnerability and threat risk management provider enabling apexanalytix users to identify unwanted digital vulnerabilities, find suppliers who are potentially at risk of a cyber attack while monitoring the dark web for real-world incidents impacting critical suppliers.
Ready to take action? Reach out here to see how Darkbeam works in the apexanalytix supplier risk management platform.