
With the steady progress of digital transformation in recent years, companies have become increasingly dependent on numerous partners and suppliers. This shift has led to a more complex IT infrastructure and significantly expanded the attack surface that cybercriminals can exploit. They target the weakest link in the supply chain to gain access to the entire system.
For example, in November 2024, the US software provider Blue Yonder fell victim to a ransomware attack that impacted the operations of 3,000 companies in 76 countries. This raises the question: How can we protect the entire supply chain from increasingly frequent and sophisticated cyber threats? asks Michael Veit, cybersecurity expert at Sophos.
Opportunities and risks of open source and AI
Given the interconnected nature of corporate, supplier, and partner systems, cybercriminals are increasingly targeting third parties to carry out their attacks and compromise corporate data and systems. SMBs and subcontractors are particularly vulnerable due to their limited cybersecurity resources.
Open source software components, in particular, offer a vulnerable point of attack. Because the code is public, attackers can examine it for flaws, and a single critical bug in a widely used component can potentially be exploited across many software applications at once. However, the open approach also offers advantages. Popular open source libraries are continuously tested and improved by hundreds of contributors, leading to faster discovery of issues and faster updates.
Remote work, AI, work emails on private mobile phones: all vulnerable to attack
Cybercriminals are also increasingly using social engineering to target employees with strategic access or highly privileged status within the IT infrastructure. This allows them to circumvent technical defenses using human manipulation tactics. The rapid development of artificial intelligence has further refined these techniques, enabling ultra-targeted phishing campaigns, deepfakes, and convincing mobile attacks. Finally, the rise of remote work and the use of personal devices such as mobile phones for professional purposes have expanded the attack surface for cybercriminals.
Defense strategies rely on Zero Trust and MFA
To mitigate these risks, companies must implement comprehensive defense strategies. They must counter potential attacks with the right concepts, tools, and partners. The Zero Trust approach is a cornerstone of a strong cybersecurity strategy. It is based on the principle of "never trust, always verify."
This also includes implementing strong authentication methods such as multi-factor technologies, combined with strict controls and segmented access management. It is essential to ensure that only the right employees have the appropriate privileged status. Furthermore, access must be regularly reviewed and adjusted as necessary, especially for external suppliers or partners.
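The access-review discipline described above can be automated as a periodic check. The following is an added example, not code from Sophos or from the article; the account records, role names, review intervals and organisation labels are all constructed assumptions. It flags privileged accounts without enforced multi-factor authentication, privileged accounts held by external partners, and accounts whose last access review is older than a policy interval, with a shorter interval for external suppliers than for internal staff.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Assumed policy values (not from the article): which roles count as
# privileged, and how often access must be re-reviewed.
PRIVILEGED_ROLES = frozenset({"admin", "domain-admin", "db-owner"})
REVIEW_INTERVAL_INTERNAL = timedelta(days=90)
REVIEW_INTERVAL_EXTERNAL = timedelta(days=45)   # partners reviewed more often


@dataclass(frozen=True)
class Account:
    user: str
    org: str                 # "internal" or the name of a supplier/partner
    roles: frozenset
    mfa_enforced: bool
    last_reviewed: date


def review_findings(accounts, today):
    """Return (user, finding) pairs for every policy violation found.

    Findings are emitted per account in a fixed order so the output is
    stable and easy to diff between review runs.
    """
    findings = []
    for acct in accounts:
        privileged = bool(acct.roles & PRIVILEGED_ROLES)
        external = acct.org != "internal"
        interval = REVIEW_INTERVAL_EXTERNAL if external else REVIEW_INTERVAL_INTERNAL

        # Strong authentication must cover every privileged identity.
        if privileged and not acct.mfa_enforced:
            findings.append((acct.user, "privileged-without-mfa"))
        # Privileged status held outside the company needs explicit justification.
        if external and privileged:
            findings.append((acct.user, "external-privileged"))
        # Access must be periodically re-confirmed, faster for third parties.
        if today - acct.last_reviewed > interval:
            findings.append((acct.user, "review-overdue"))
    return findings


def summarize(findings):
    """Count findings by type, useful for a review dashboard or ticket."""
    counts = {}
    for _, kind in findings:
        counts[kind] = counts.get(kind, 0) + 1
    return counts


# Constructed sample data for a stand-alone run.
TODAY = date(2025, 1, 15)
SAMPLE_ACCOUNTS = [
    Account("alice", "internal", frozenset({"admin"}), True, TODAY - timedelta(days=30)),
    Account("bob", "internal", frozenset({"domain-admin"}), False, TODAY - timedelta(days=10)),
    Account("carol", "acme-logistics", frozenset({"reader"}), True, TODAY - timedelta(days=60)),
    Account("dave", "acme-logistics", frozenset({"db-owner"}), True, TODAY - timedelta(days=100)),
    Account("eve", "internal", frozenset({"reader"}), False, TODAY - timedelta(days=60)),
]

if __name__ == "__main__":
    results = review_findings(SAMPLE_ACCOUNTS, TODAY)
    for user, kind in results:
        print(f"{user:8} {kind}")
    print(summarize(results))
```

In practice the account list would be exported from the identity provider rather than constructed inline, and each finding would open a ticket for the account owner; the point of the check is that privileged and external access is re-confirmed on a schedule instead of accumulating silently.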
Regulations help curb supply chain attacks
It is equally important to ensure that all members of the ecosystem have adequate security protection, both for cybersecurity reasons and to comply with regulatory requirements. For example, the Digital Operational Resilience Act (DORA) requires financial service providers to ensure that all their suppliers and partners meet established security standards.
Cybercriminals are increasingly targeting supply chains to infiltrate secure systems by exploiting smaller, less well-equipped suppliers and partners. To ensure business continuity and protect increasingly complex and interconnected IT infrastructures, companies must develop and implement effective cybersecurity strategies and best practices. This includes collaborating not only with third parties but also with cybersecurity experts who can provide tailored solutions, advice, and support to create the technical framework necessary to protect the entire ecosystem while complying with regulatory requirements.
More at Sophos.com
About Sophos More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions and security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.