
Hackers target business supply chains

NCSC: Attackers compromised channel providers' software updates in 2017


Hackers are targeting supply chain firms to gain access to commercially sensitive data from them and their customers, according to the UK's National Cyber Security Centre (NCSC).

A large number of managed service providers (MSPs) were subject to such cyber attacks in 2017, according to the joint report by the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA), which warned channel partners and their customers to take steps to defend against similar attacks this year.

The report, titled 'The cyber threat to UK businesses 2017-2018', explained how such attacks, including the compromise of a large number of MSPs, are normally designed to breach confidentiality and integrity, but may also be designed to affect availability, through methods such as supplying defective equipment. 

Further opportunities for threat actors to interfere with the supply chain arise where partners are responsible for the ongoing servicing of hardware or software: a deliberately introduced flaw or backdoor can be pushed out inside a routine hardware or software update, with the customer's own update process doing the installing.

The report warned: "When done well, supply chain compromises are extremely difficult (and sometimes impossible) to detect. 

"Network monitoring can detect unusual or suspicious behaviour, but it is still difficult to ascertain whether a security flaw has been deliberately introduced (possibly as a backdoor) or results from a careless error on the part of developers or manufacturers - or indeed to prove that any potential access has been exploited. Services of almost any sort can be affected, particularly if they involve electronic connectivity or data import."

Significant examples cited include two software products, MeDoc and CCleaner, which were compromised at source: because the malicious code was inserted before distribution, customers were infected with malware simply by downloading the software or its updates through the normal channel.
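As an added illustration (not code from the NCSC/NCA report, nor from any vendor named above), the following Python shows the integrity check a customer can place between a downloaded update and its installation: every file is compared against a digest manifest obtained over a separate channel, files the manifest does not list are refused, and any mismatch is rejected before anything runs. The manifest layout, the product name and the installer bytes are constructed for this example; the manifest is assumed to be fetched out-of-band and already authenticated (a vendor signature check is not shown).

```python
"""Check a downloaded update against a digest manifest obtained out-of-band.

Added illustration; not code from the NCSC/NCA report or any vendor.
"""
import hashlib
import hmac
import json
import re

HEX_SHA256 = re.compile(r"^[0-9a-f]{64}$")


def sha256_hex(data: bytes) -> str:
    """Return the lowercase hex SHA-256 digest of the given bytes."""
    return hashlib.sha256(data).hexdigest()


def parse_manifest(text: str) -> dict:
    """Parse a JSON manifest and validate its shape before trusting it.

    Expected layout (an assumption of this example, not a vendor format):
    {"product": str, "version": str, "files": {name: sha256_hex}}
    """
    doc = json.loads(text)
    files = doc.get("files")
    if not isinstance(files, dict) or not files:
        raise ValueError("manifest has no file list")
    for name, digest in files.items():
        if not isinstance(digest, str) or not HEX_SHA256.match(digest):
            raise ValueError(f"bad digest for {name!r}")
    return doc


def verify_update(manifest: dict, name: str, data: bytes) -> tuple:
    """Decide whether a downloaded file may be installed.

    Refuses files the manifest does not list (an unexpected extra binary is
    exactly what a trojanised update channel would deliver) and files whose
    digest differs from the pinned value. compare_digest keeps the comparison
    constant-time so a mismatch position is not leaked through timing.
    Returns (ok, reason).
    """
    expected = manifest["files"].get(name)
    if expected is None:
        return False, "file not listed in manifest"
    actual = sha256_hex(data)
    if not hmac.compare_digest(actual, expected):
        return False, f"digest mismatch: expected {expected[:12]}..., got {actual[:12]}..."
    return True, "digest matches manifest"


# Constructed sample data for a stand-alone run (hypothetical product).
GOOD_UPDATE = b"MZ\x90\x00example-installer-bytes-v1.4.2"
TAMPERED_UPDATE = GOOD_UPDATE + b"\x00extra-payload"
MANIFEST_TEXT = json.dumps({
    "product": "ExampleAccounting",
    "version": "1.4.2",
    "files": {"setup.exe": sha256_hex(GOOD_UPDATE)},
})
MANIFEST = parse_manifest(MANIFEST_TEXT)

if __name__ == "__main__":
    for label, blob in (("genuine", GOOD_UPDATE), ("tampered", TAMPERED_UPDATE)):
        ok, why = verify_update(MANIFEST, "setup.exe", blob)
        print(f"{label}: {'INSTALL' if ok else 'REJECT'} ({why})")
    print("unlisted:", verify_update(MANIFEST, "helper.dll", GOOD_UPDATE))
```

The check catches tampering in transit, on a mirror, or by a compromised reseller, which is the realistic defence a customer controls. It does not catch what the report describes as compromise at source: when the attacker sits inside the vendor's build or release pipeline, the vendor's own manifest and signature vouch for the malicious build, so the digest matches and the install proceeds. That is the reason the report calls well-executed supply chain compromises extremely difficult to detect, and why monitoring what the installed software does afterwards matters as much as verifying what was downloaded.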

The report also recommended a series of measures that businesses and supply chain partners should take to mitigate the risk of such hacking.

It recommends that businesses understand what needs to be protected and why, understand the security risk each partner introduces, set minimum security requirements for partners, and raise awareness of security across the supply chain. Partners, in turn, should be expected to meet their security responsibilities and to provide support when a security incident occurs.

UK businesses' cyber threat risk is "bigger than ever", the NCSC said, and the report revealed there had been 34 significant attacks - defined as attacks that require a cross-government response - between October 2016 and the end of 2017, with 762 less severe attacks across this period.

Other major incidents comprised ransomware and distributed denial of service (DDoS) attacks, massive data breaches, as well as fake news and information operations, while the report also threw the spotlight on emerging threats such as crypto-jacking.

Verizon also released its 11th annual Data Breach Investigations Report today, which highlighted ransomware as the most commonly-seen form of malware over the course of 2017, up from fourth place the previous year, with ransomware infections increasingly affecting business-critical systems rather than just desktops. 

This, however, is in contrast with Malwarebytes' latest quarterly cybercrime report, which outlined that while ransomware detections were up 28% between January and March 2018, it was only the sixth-highest detected threat with the overall volume remaining low.
