Supply chain attacks, also known as third-party attacks, are data breaches or system compromises that occur through supply chain networks (integrated systems). This means that if a vendor is compromised in a cyber-attack, its clients could be breached and compromised as well.
SolarWinds, a software company that primarily deals in system management tools used by IT professionals, was affected by a major supply chain attack. The SolarWinds breach affected a majority of its products, which led to the compromise of multiple organizations.
SolarWinds has a wide range of customers, and those heavily affected were the US federal government, including the Department of Defense, and the telecoms sector. The attack was malware delivered in the form of a fake system update from SolarWinds’ own servers, digitally signed with a valid digital certificate bearing the company’s name.
The attackers managed to get their malware into trusted, digitally signed software updates, which are generally regarded as safe. The platform used generally acted as network overwatch, which gave the attackers wide latitude to explore, exploit and spread through networks at will. A sophisticated supply chain attack such as this is very difficult to defend against; organizations therefore need to closely vet all third-party software.