Supply chain attacks, also known as third-party attacks, make organizations vulnerable by increasing their attack surface through partners, vendors, suppliers, and other external parties. But your supply chain doesn’t have to pose a risk to your sensitive information. Let’s look at some of the major supply chain attacks that have taken place this year and examine how they could have been prevented.
Accellion is a file sharing and collaboration solution. In 2020 and 2021, Accellion’s File Transfer Application was breached twice. During these breaches, attackers were able to gain access to Accellion’s customers that were using the Accellion application. Many companies were impacted, including leading healthcare and financial institutions.
Zero trust is an access model that assumes any user could be compromised at any point. Therefore, continuous authorization is conducted to verify identities. Had this approach been in place, the perpetrators of this attack would not have been able to progress laterally even if they did gain initial access. Strong authentication requirements would also have prevented them from accessing any organizational applications or systems.
In addition, Cyolo provides virtual patching to end-of-life systems that don’t have patches for zero-day attacks. As a result, Cyolo can protect legacy systems even if they fall victim to supply chain attacks.
These three leading automotive OEMs each worked with vendors that left their sensitive information on a publicly available cloud. This unsecured data was then accessed by unauthorized parties.
Zero trust architecture enables organizations to protect themselves and their assets even if their supply chains suffer information leaks. To ensure that data and resources do not leave the organization, a supplier or vendor who needs access must be explicitly authorized each and every time. In addition, the actions of all third parties are monitored in real-time, and the organization is empowered to determine whether they can take potentially risky actions like copying or editing information.
Click Studios provides an enterprise password manager solution, Passwordstate. It was breached when attackers exploited the app’s update mechanism to deliver malware to customers. As a result, attackers were able to extract credentials, domain names, running processes, computer names, and more from possibly hundreds of thousands of organizations.
Cyolo’s zero trust solution provides a personal vault instead of a central password database. This method of secure storage ensures that attackers do not have a single resource to attack if they want to expose a large number of passwords. In addition, Cyolo provides a passwordless user experience, rendering password attacks obsolete. In any case, we strongly recommend organizations implement multi-factor authentication (MFA). That way, even if their passwords are compromised, assets remain safe.
Quanta is an Apple supplier. In a recent ransomware attack, the Russian hacker group REvil accessed confidential data from Quanta’s servers. The gang demanded $50 million in ransom and posted files that contained internal designs of Apple’s hardware.
Zero trust is based on the premise of ‘never trust, always verify.’ In practice, this means continuously authorizing users and devices each time they want to access an application. Organizations that want to reduce the attack surface can implement zero trust themselves and also require their suppliers to implement zero trust. As just one example, US President Biden’s Cybersecurity Executive Order discusses implementing Zero Trust across Federal Government suppliers.
Kaseya is a global IT provider that was also attacked by the REvil ransomware group. The attackers exploited a vulnerability in Kaseya VSA, a remote monitoring and management software platform. Managed service providers (MSPs) that used Kaseya VSA, entities that have high-level privileges inside networks, were breached, putting both themselves and their customers at risk.
Zero trust continuously authorizes users and devices when they access network assets, usually through MFA. Even if a user with a high level of privileges is compromised, the continuous authorization requirements of zero trust will keep an attacker from moving from system to system. Moreover, auditing and monitoring capabilities detect unusual use of the system, even for highly privileged accounts.
Cyolo is the leading zero trust security provider for organizations that want to protect their assets and customers. By securely connecting all users from anywhere and continuously authenticating identities and devices, Cyolo enables employees to focus on their work and allows the business to grow. Cyolo provides advanced user management features, real-time recording abilities and an easy-to-use UI. Cyolo can also integrate with your VPNs, if needed.
The Cyolo solution takes minutes to implement and is compatible with any network topology and identity infrastructure. In addition, Cyolo does not have access at any stage to customer data. Not only does this ensure true privacy and security, it also improves performance for a better user experience. Request a demo to learn more.
Author
Jennifer Tullman-Botzer is a cybersecurity nerd by day and a history nerd by night. She has over a decade of experience in cybersecurity marketing and is as tired as you are of hackers-in-hoodies stock images. Jennifer joined Cyolo in 2021 and currently serves as Head of Content. Prior to Cyolo, she worked in a variety of marketing roles at IBM Security. She lives in Tel Aviv, Israel.