43 percent of German supply chains already compromised by ransomware: New study by Trend Micro shows negative consequences for the visibility of cyber risks as a result of an enlarged attack surface.
Trend Micro, one of the world's leading providers of cybersecurity solutions, releases a new study showing that organizations are increasingly vulnerable to ransomware because of their extensive supply chains. For example, 43 percent of the German companies surveyed had already been affected by a ransomware attack in the supply chain (compared to 52 percent worldwide).
Targeted by partner companies
The study found that three quarters of all German IT executives (79 percent globally) assume that their partner companies and customers make their company a more attractive ransomware target. This is particularly concerning because potentially less well-secured SMEs make up a significant part of the supply chain for more than a third (37 percent, 52 percent worldwide) of German companies.
A year ago, an attack on an IT management software vendor resulted in the compromise of numerous Managed Services Providers (MSPs) and thousands of downstream customers. However, only 40 percent of companies in Germany (47 percent globally) share their knowledge of ransomware attacks with their suppliers. Additionally, a third of all respondents in Germany (25 percent globally) say they do not share potentially useful information about these cyber threats with their partners.
Suspicious activity must be detected
One possible reason is that the companies do not have this information to pass on in the first place, because their ability to detect suspicious activity related to ransomware attacks is worryingly low: only 20 percent of German companies (31 percent worldwide) consider themselves able to notice lateral movement, i.e. the movement of an attacker within their network. The self-reported detection rates for the other stages of an attack are 43 percent in Germany (42 percent worldwide) for the initial intrusion into their systems, 43 percent in Germany (49 percent worldwide) for data exfiltration, 53 percent in Germany (63 percent worldwide) for the actual ransomware payload, and 54 percent in Germany (63 percent worldwide) for the misuse of otherwise legitimate tools such as PsExec or Cobalt Strike.
“We found that 43 percent of all German companies have been affected by ransomware in at least one link in their supply chain. This automatically puts your own systems at risk,” warns Richard Werner, Business Consultant at Trend Micro. “Today, no company acts on its own; as part of a supply chain, it is committed to its partners. In a networked world, this applies to an increasing extent, and especially to IT. Therefore, the first step in reducing risk should be improved visibility and control across the entire digital attack surface.”
Almost every second supply chain has already been attacked
Attackers can also exploit the supply chain to gain access to their actual target companies. Of the German companies that were affected by a ransomware attack in the last three years, 74 percent (67 percent worldwide) stated that the attackers informed their customers or partners about the attack in order to build up further pressure and thereby force ransom payments.
About Trend Micro
As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.