Software supply chain attacks burst into public consciousness in 2020 with news of the SolarWinds Orion attack, and a Kaseya VSA ransomware attack in mid-2021 further underscored the risks to third-party software suppliers.
Although attacks resulting from infiltration of an IT supplier’s code base are relatively rare, the software supply chain – the code, dependencies and applications that all modern organizations rely on – is a source of near-constant vulnerabilities.
That’s why successful supply chain attacks have become a near-daily occurrence in 2024, according to Cyble threat intelligence data.
Key takeaways:
- Cyble’s dark web monitoring found 90 cybercriminal claims of successful supply chain attacks in a six-month period, from February to mid-August. IT providers suffered the greatest number of those breaches, 30, or one-third of the total, followed by technology product companies, which experienced 14 of the 90 breaches.
- The United States experienced the greatest number of supply chain breaches claimed on the dark web – 31 in all – followed by the UK (10). Germany and Australia each had five, and Japan and India had four each.
- A recent report from Cyentia found that 99% of Global 2000 companies are directly connected to a vendor that has been hit by a supply chain breach.
- Attacks on the software supply chain have occurred at a rate of at least one every two days in 2024.
“These attacks are particularly damaging and costly because of their multiplication factor on downstream victims and trusted access to customer environments,” according to Cyble. “Even when the codebase isn’t breached, customer databases contain critical information for threat actors to use in phishing, spoofing and credential attacks. A defense-in-depth approach is required to reduce risk, based on principles of zero trust, cyber resilience, and secure code practices.