Most supply chain attacks target supplier’s code—ENISA

guest · Aug 15, 2021

Most supply chain attacks target supplier’s code—ENISA
The agency also reported that attacks on the supply chain have grown in number and become more sophisticated
August 12, 2021
https://www.trendmicro.com/en_us/re...hain-attacks-target-suppliers-code-enisa.html

Cybersecurity experts have long been concerned about supply chain attacks because a single attack can wreak havoc and compromise a network of providers.

According to the European Union Agency for Cybersecurity’s (ENISA) Threat Landscape for Supply Chain Attacks, 62% of supply chain attacks use malware as a technique. The report also mentioned that strong security protection is no longer adequate for enterprises when attackers have already targeted suppliers.
Click to expand...

The report examined 24 supply chain attacks documented from January 2020 to early 2021. About 50% of the attacks were attributed to well-known Advanced Persistent Threat (APT) groups by the security community.
Moreover, an estimated 42% of the analyzed attacks haven’t been attributed to any group.
Click to expand...

ENISA: Understanding the increase in Supply Chain Security Attacks

The European Union Agency for Cybersecurity mapping on emerging supply chain attacks finds 66% of attacks focus on the supplier’s code.
In order to compromise the targeted customers, attackers focused on the suppliers’ code in about 66% of the reported incidents. This shows that organisations should focus their efforts on validating third-party code and software before using them to ensure these were not tampered with or manipulated.
Click to expand...

ENISA: Threat Landscape for Supply Chain Attacks
(PDF): https://www.enisa.europa.eu/publications/threat-landscape-for-supply-chain-attacks/at_download/fullReport

Log in or Sign up

Most supply chain attacks target supplier’s code—ENISA

guest Guest

Log in or Sign up

Most supply chain attacks target supplier’s code—ENISA

guest Guest

Useful Searches