Supply chain attacks, also known as third-party attacks, are data breaches or system compromises that occur through supply chain networks (integrated systems). This means that if a vendor is compromised in a cyber-attack, its clients could also be breached through the vendor.
SolarWinds, a software company that primarily deals in system management tools used by IT professionals, was affected by a major supply chain attack. The SolarWinds breach impacted a majority of its products, which led to the compromise of multiple organizations.
SolarWinds has a wide range of customers; the most heavily affected were the US federal government, including the Department of Defense, and the telecoms sector. The malware was delivered as a fake system update from SolarWinds’ own servers, digitally signed with a valid certificate bearing the company's name.
The attackers managed to get their code into trusted, digitally signed software updates, which are generally regarded as safe. The platform used largely acted as a network overwatch, which gave the attackers wide latitude to explore, exploit and spread through networks at will. A sophisticated supply chain attack such as this is very difficult to defend against; organizations therefore need to closely vet all third-party software.