SPECIAL REPORT: CYBERSECURITY
WHO’S NEXT?
It’s quite feasible that the quiet, unassuming person sitting in the corner of a coffee shop in downtown Lagos, London or Lisbon, tapping away contentedly on their laptop keyboard, is about to bring a global corporation to its knees and demand millions of dollars to repair the damage.
Such is the world of the cybercriminal.
You may never know the perpetrators of these crimes. You may never understand how much is paid to them. You may never begin to contemplate that some corporations are reportedly assigning their own hackers to ‘hack back’ at those targeting them, which can be as dangerous as it sounds. What we do know, however, is that the people behind these attacks are busier than ever before. As insurer TT Club recently stated on cyber risk: ‘Be alert and expect the attack; it’s not if but when.’
The European Union Agency for Cybersecurity, also known as ENISA, agrees. Its new study ‘Threat Landscape for Supply Chain Attacks,’ which looked at 24 such incidents between January 2020 and July 2021, concludes with a prediction of a four-fold increase in supply chain software attacks in 2021.
It issues a very clear and frank assessment: strong security protection is no longer enough for organisations because attackers have already shifted their attention to suppliers, with increasing impact such as system downtime, monetary loss and reputational damage. ‘You’re only as strong as your weakest link’ has never been a more pertinent statement when it comes to cybersecurity.
Around 62% of the attacks on customers took advantage of their trust in their supplier.
ATTACK TECHNIQUES USED TO COMPROMISE A SUPPLY CHAIN
Malware Infection: e.g. spyware used to steal credentials from employees.
Social Engineering: e.g. phishing, fake applications, typo-squatting, Wi-Fi impersonation, convincing the supplier to do something.
Brute-Force Attack: e.g. guessing an SSH password, guessing a web login.
Exploiting Software Vulnerability: e.g. SQL injection or buffer overflow exploit in an application.
Exploiting Configuration Vulnerability: e.g. taking advantage of a configuration problem.
Physical Attack or Modification: e.g. modify hardware, physical intrusion.
Open-Source Intelligence (OSINT): e.g. search online for credentials, API keys, usernames.
Counterfeiting: e.g. imitation of USB with malicious purposes.
The EU Agency for Cybersecurity’s mapping of emerging supply chain crimes found 66% of attacks focus on the supplier’s code. “Supply chain attacks have been a concern for cybersecurity experts for many years because the chain reaction triggered by one attack on a single supplier can compromise a network of providers,” it states.
In 62% of the cases, malware was the attack technique employed. This evidence stresses the need for policymakers and the cybersecurity community to act now with novel protective measures to prevent and respond to potential supply chain attacks in the future, ENISA says.
Why is a good level of cybersecurity not good enough?
Composed of an attack on one or more suppliers with a later attack on the final target, namely the customer, supply chain attacks may take months to succeed, the EU Agency found. ‘In many instances, such an attack may even go undetected for a long time. Similar to Advanced Persistence Threat (APT) attacks, supply chain cyber incidents are usually targeted, quite complex and costly, with attackers probably planning them well in advance. All such aspects reveal the degree of sophistication of the adversaries and the persistence in seeking to succeed.’