SUPPLY CHAIN ATTACKS-HACKERS INTELLIGENCE OR SELF NEGLECT

-By Rohan Purohit

For ages, the US has been the epicenter of cybercrimes. The US government security agencies responsible for maintaining security to their system have mostly failed or unable to identify the culprit.

Talking only about last year cybersecurity and infrastructure agencies known as CISA reported that federal agencies faced 180 different threats from the digital supply chain. In recent attacks, the US department of homeland security was breached.

RANSOMWARE

Nothing new in this cyber warfare world ransomware is the malware that when goes inside a system it encrypts the system data and after which demand ransom in form of money or something to decrypt the data. The hacker’s group target local government body, health care systems, etc. billions of rupees and important data and time are lost in the whole process.

SUPPLY CHAIN ATTACK

 A supply chain attack also called a value-chain or third-party attack occurs when someone infiltrates your system through an outside partner or provider with access to your systems and data.

The instability of the world was the main reason for this many cyber-attacks. In the year 2019 people came to the most dangerous mode of large-scale cyber-attack which is called a supply chain attack.

This cyber warfare is very different from the conventional methods of cyber-attacks because here the breach occurs in partnership with a service provider.

The hackers have recently developed new toots and resources making it impossible to prevent it and the loss in this is also very high. Mostly it occurs in 2 steps firstly an update is released from a legitimate software vendor and after the users’ download it thinking it to be trustworthy, but it turns out to be the destructive one that beaches the system.

One of the recent times cases is the solar wind attack that compromised beach in 18000 customers. This happened because the hackers were able to get inside an update of the company which the users installed only to get their data destroyed. The compromised update cost the company billions of rupees.

 This solar winds supply chain attack was a seismic hit to the US government but was not the first one to do so. Many cyber supply chain attacks have been occurring in the US mainly from countries like Russia, China, Iran, North Korea. But exact location is difficult to detect due to sophistication.

This attack also proved that every company either it is big or small is vulnerable to this method of cybercrime. Any cyber company is a potential target. Even Google and Microsoft are not safe.

Supply chain attacks mainly target open-source code and 90% of all applications have open source codes and from them 11%has known vulnerabilities in them.

Four federal agencies – the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the National Security Agency (NSA) – issued a joint statement saying that the SolarWinds attack was “likely Russian in origin.

The government watchdogs also released a statement that the threats are far from new and the government has merely failed in implementing security measures for their sensitive information against supply chains.

 One report by the US government agency reveals that 14 out of 23 surveyed federal agencies have either no or very little security to protect their information and communication from the supply chain.

To prevent this type of attack necessary steps should be taken which includes proper encoding of information, also the service providers must be of the same country and verified. The service provider also must ensure proper security to ensure safety. A different world organization should be formed In the UN which will only deal with the matter related to cybersecurity with the active participation of every country.

REFERENCES

https://www.datacenterknowledge.com/security/what-are-supply-chain-attacks-and-how-guard-against-them

https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/

https://www.csoonline.com/article/3191947/supply-chain-attacks-show-why-you-should-be-wary-of-third-party-providers.html

“Next Generation Cyber Attacks Target Oil And Gas SCADA | Pipeline & Gas Journal”. www.pipelineandgasjournal.com. Retrieved 27 October 2015.

 “New malware hits ATM and electronic ticketing machines”. SC Magazine UK. Retrieved 29 October 2015.

 Urciuoli, L., Männistö, T., Hintsa, J., & Khan, T. (2013). SUPPLY CHAIN CYBERSECURITY – POTENTIAL THREATS. Information & Security, 29(1), 51-68. Retrieved 2015-10-29

TechThoroughFare

Share on facebook
Share on twitter
Share on linkedin
Archives

42 Responses

  1. Pingback: cytotmeds.com
  2. I’m really enjoying the theme/design of your website.
    Do you ever run into any internet browser compatibility problems?
    A handful of my blog readers have complained about my site not operating correctly in Explorer but looks great in Opera.
    Do you have any recommendations to help fix this issue?

  3. My spouse and I stumbled over here from a different website and thought
    I may as well check things out. I like what I see so i am just following you.
    Look forward to looking into your web page for a second time.

  4. Admiring the time and effort you put into your site
    and detailed information you offer. It’s awesome to come across a blog every once in a while
    that isn’t the same outdated rehashed material. Great read!
    I’ve bookmarked your site and I’m including your RSS feeds
    to my Google account.

  5. I’d like to thank you for the efforts you’ve put in writing this website.
    I am hoping to see the same high-grade blog posts by you later on as well.

    In truth, your creative writing abilities has motivated me to get my very own blog now 😉

  6. [url=http://lendingpd.com/]cash loans uk[/url] [url=http://paydloans.com/]cash loan fast[/url] [url=http://cashaadvance.com/]loan fast[/url] [url=http://ossloans.com/]guarantor loans[/url] [url=http://loansguaranteedapproval.us.com/]loans online direct[/url] [url=http://waltloans.com/]fast cash loans[/url] [url=http://paydayloans.us.org/]loans for used cars[/url] [url=http://lendingbt.com/]cash fast online[/url] [url=http://cashlnd.com/]loans without a credit check[/url] [url=http://coracash.com/]personal loan rates comparison[/url]

  7. Usually I don’t read article on blogs, however I would like to
    say that this write-up very pressured me to try and do it!
    Your writing taste has been surprised me. Thanks, quite great post.

  8. Having read this I believed it was really informative.
    I appreciate you finding the time and effort to put this
    content together. I once again find myself spending way too
    much time both reading and posting comments.
    But so what, it was still worth it!

  9. A person necessarily help to make critically posts I would state.

    That is the very first time I frequented your website page and up to now?
    I amazed with the research you made to create this particular submit incredible.

    Magnificent activity!

  10. Having read this I thought it was really enlightening. I appreciate you taking the time and energy to put this short article together. I once again find myself spending a lot of time both reading and commenting. But so what, it was still worthwhile. Hali Farleigh Settera

  11. I blog frequently and I really thank you for your information. The article has really peaked my interest. I am going to book mark your site and keep checking for new details about once per week. I opted in for your RSS feed as well. Ralina Ximenez Harli

  12. Hello there! This post could not be written any better!
    Reading through this post reminds me of my old room mate!
    He always kept talking about this. I will forward this page to him.
    Pretty sure he will have a good read. Thank you for sharing!

  13. Definitely believe that which you stated. Your favorite reason appeared to be on the
    internet the simplest thing to be aware of. I say to you, I
    certainly get irked while people think about worries that they just do not know
    about. You managed to hit the nail upon the top and defined out the whole thing without having
    side effect , people can take a signal. Will
    likely be back to get more. Thanks

  14. A portion of these Best Event App guarantee the client by hinting them when they procedure Attractions or different things worth concentrating on. Fredia Bay Mika

Leave a Reply

Your email address will not be published. Required fields are marked *

Science

Latest

Trending