Unwanted Gift: Ransomware, Supply Chain Attacks, and How to Prevent Them

Now more than ever, supply chains are attracting threat actor attention. As evidenced by attacks like the one which recently targeted the IT services provider Kaseya and over 1,500 of their clients, trusted relationships between service providers and users are ripe for exploitation.

For a malicious actor, hijacking a trusted application at the source means getting a free pass into the heart of your network. With defenses pointed outward, supply chain compromises also give cybercriminals the opportunity to deploy threats like ransomware without raising the alarm. 

Regrettably, the often neglected nature of this threat vector means that supply chain attacks are a global cyber threat with tremendous room to grow. According to the European Agency for Cybersecurity, supply chain attacks, which compromise an entire supplier ecosystem, are expected to increase four times in 2021 alone.

Though a 400 percent predicted growth rate is massive, the immense returns cybercriminals receive from pulling off a successful attack, often giving them a way to infiltrate thousands of prime targets simultaneously, makes this prediction less surprising. 

Paradoxically, organizations doing more to improve their cybersecurity might also be another reason cybercriminals are focusing on supply chains. Talking to Wired, Nick Weaver, a cybersecurity researcher at

Read More: https://blog.morphisec.com/unwanted-gift-ransomware-supply-chain-attacks-and-how-to-prevent-them