Now more than ever, supply chains are attracting threat actor attention. As evidenced by attacks like the one which recently targeted the IT services provider Kaseya and over 1,500 of their clients, trusted relationships between service providers and users are ripe for exploitation.
Regrettably, the often neglected nature of this threat vector means that supply chain attacks are a global cyber threat with tremendous room to grow. According to the European Agency for Cybersecurity, supply chain attacks, which compromise an entire supplier ecosystem, are expected to increase four times in 2021 alone.
Though a 400 percent predicted growth rate is massive, the immense returns cybercriminals receive from pulling off a successful attack, often giving them a way to infiltrate thousands of prime targets simultaneously
Paradoxically, organizations doing more to improve their cybersecurity might also be another reason cybercriminals are focusing on supply chains. Talking to Wired, Nick Weaver, a cybersecurity researcher at