A modern-day Trojan horse

To prevent future threats, we must learn from past mistakes.

2019:

As the decade ended, an unprecedented attack was just beginning. Within SolarWind’s CI/CD pipeline, hackers placed malicious code in one of the Texas-based company’s regular software updates. Early the following year, SolarWinds released those same updates to its customers, unknowingly providing the bad actors access to their systems. Once inside, the hackers installed additional malicious software to elevate privileges and spy on as many as 18,000 organizations—including the Pentagon.

The bad actors leveraged what’s colloquially called a supply chain attack, penetrating the defenses of a widely used third party that already has access to an organization’s systems rather than attacking said organization directly. While the SolarWinds hack was high-profile, these kinds of attacks are anything but low frequency.

Accessible and vulnerable

A risk to your supply chain can also be a risk to your entire organization. Software supply chain attacks, commonly referred to as third-party attacks, occur when cybercriminals penetrate your system through an external provider or third-party partner that has access to your systems or data: exactly what happened to SolarWinds.

You might be wondering, “How many outside vendors actually have access to my system?” The answer may surprise you. The average number of software vendors used by Fortune 1000 enterprises is 110, according to a session from this year’s RSA Conference. And if you’re made vulnerable, any one of those third parties may be too.