Supply chain attacks, also known as third-party attacks, make organizations vulnerable by increasing their attack surface through partners, vendors, suppliers, and other external parties. But your supply chain doesn’t have to pose a risk to your sensitive information. Let’s look at some of the major supply chain attacks that have taken place this year and examine how they could have been prevented.
1. Accellion File Transfer Application Breach
Accellion is a file sharing and collaboration solution. In 2020 and 2021, Accellion’s File Transfer Application was breached twice. During these breaches, attackers were able to gain access to Accelion’s customers that were using the Accellion application. Many companies were impacted, including leading healthcare and financial institutions.
How Zero Trust Could Have Helped Mitigate the Accellion Breach Risk
Zero trust is an access model that assumes any user could be potentially compromised at any point. Therefore, continuous authorization is conducted to verify identities. Had this approach been in place, the perpetrators of this attack would not have been able to progress laterally even if they did gain initial access. Strong authentication requirements would also have prevented them from accessing any organization applications or systems.
In addition, Cyolo provides virtual patching to end of life systems that don’t have patches for zero day attacks. As a result, Cyolo can protect legacy systems even if they fall victim to supply chain attacks.
2. Audi, Volkswagen, Mercedes-Benz Data Leak
These three leading automotive OEMs each worked with vendors that left their sensitive information on a publicly available cloud. This unsecured data was then accessed by unauthorized parties.
How Zero Trust Could Have Helped Prevent the Audi, Volkswagen and Mercedes Benz Breaches
Zero trust architecture enables organizations to protect themselves and their assets even if their supply chains suffer information leaks. To ensure that data and resources do not leave the organization, a supplier or vendor who needs access must be explicitly authorized each and every time. In addition, the actions of all third parties are monitored in real-time, and the organization is empowered to determine whether they can take potentially risky actions like copying or editing information.
3. Click Studios Password Breach
Click Studios provides an enterprise password manager solution, Passwordstate. It was breached when attackers exploited the app’s update mechanism to deliver malware to customers. As a result, attackers were able to extract credentials, domain names, running processes, computer names, and more – from possibly hundreds of thousands of organizations.
How Zero Trust Could Have Helped Mitigate the Click Studios Breach Risk
Cyolo’s zero trust solution provides a personal vault instead of a central password database. This method of secure storage ensures that attackers do not have a single resource to attack if they want to expose a large number of passwords. In addition, Cyolo provides a passwordless user experience, rendering password attacks obsolete. In any case, we strongly recommend organizations implement multi-factor authentication (MFA). That way, even if their passwords are compromised, assets remain safe.
4. Quanta (Apple) Breach
Quanta is an Apple supplier. In a recent ransomware attack, the Russian hacker group REvil accessed confidential data from Quanta’s servers. The gang demanded $50 million in ransom and posted files that contained internal designs of Apple’s hardware.
How Zero Trust Could Have Helped Prevent the Quanta Breach
Zero trust is based on the premise of ‘never trust’ always verify.’ In practice these means continuously authorizing users and devices each time they want to access an application. Organizations that want to reduce the attack surface can implement zero trust themselves and also require their suppliers to implement zero trust. As just one example, US President Biden’s Cybersecurity Executive Order discusses implementing Zero Trust across Federal Government suppliers.
To learn how to get started with Zero Trust, click here.
Kaseya is a global IT provider that was also attacked by the REvil ransomware group. The attackers exploited a vulnerability in Kaseya VSA, a remote monitoring and management software platform. Managed service providers (MSPs), entities that have high level privileges inside networks, who used Kaseya VSA were breached, putting their customers at risk as well as themselves.
How Zero Trust Could Have Helped Mitigate the Kaseya Breach Risk
Zero trust continuously authorizes users and devices when they access network assets, usually through MFA. Even if a user with a high level of privileges is compromised, the continuous authorization requirements of zero trust will keep an attacker from moving from system to system. Moreover, auditing and monitoring capabilities detect unusual use of the system, even for highly privileged accounts.
How to Prevent Supply Chain Attacks with Cyolo’s Zero Trust Solution
Cyolo is the leading zero trust security provider for organizations that want to protect their assets and customers. By securely connecting all users from anywhere and continuously authenticating identities and devices, Cyolo enables employees to focus on their work and allows the business to grow. Cyolo provides advanced user management features, real-time recording abilities and an easy to use UI. Cyolo can also integrate with your VPNs, if needed.
The Cyolo solution takes minutes to implement and is compatible with any network topology and identity infrastructure. In addition, Cyolo does not have access at any stage to customer data. Not only does this ensure true privacy and security, it also improves performance as a better user experience. Request a demo to learn more.