Computer security: Supply chain and cyber-malveillance

Supply chains have been presented since the beginning of the health crisis as an easy gateway for cybercrime into computer systems.

This represents a significant risk, especially, in terms of supply. The problem with this loophole, as presented, is that it affects all sectors of activity. From that, the bulk of cyber-malveillance acts could go through the supply chain.

This article will also interest you: EDF to the blockchain through Exaion

Referring to the figures provided by BlueVoyant, we can see the use of the supply chain to the tune of 1,013 suppliers in the traditional ecosystem of a large organization. Looking a little closer in the past, 82% of these providers have experienced data breaches in the past 12 months alone. The causes generally mentioned in the face of its security flaws would be huge breaches is weakness related to supply chain.

This situation makes perfect sense when we know that large companies are now difficult to access by hackers. Being sufficiently better protected, cybercriminals will then turn to suppliers that are generally small businesses with limited means and a low security standard. So they can then hope to reach the computer system of large companies.

In addition, it was pointed out that one-third of the companies did not have sufficient information on violations in the supply chain. In this context, many companies do not even realize that they have been the victims of a computer attack.

In addition, there is also the problem of the cloud, which today is pointed out: "It is true that being more open to the outside world is in itself an aggravating factor. It is often forgotten that the difficulties on public clouds are the same as those for On Premise infrastructure. It should be noted that system administrations are now also becoming reachable and accessible via the Internet, especially with SaaS-type solutions," explains Philippe Rondel, senior security architect at it security company Checkpoint.

In terms of the main source of these failures, several aspects should be looked at. In other words, the origins are varied. With the attack based on the NotPetya program, one can realize that evil can come from anywhere, including processes that are supposed to facilitate these security issues namely software updates or the use of common software for routine tasks.

"There are therefore EDI-type, billing, or API-type flows, which represent mechanisms by which a company computer interrogates a computer from another company in the same ecosystem. These feeds connect the platforms of different organizations through access rights: for example, a provider may be asked to retrieve lists of addresses for deliveries to be made. This provides potential paths of attack through which cybercriminals can move from one organization to another, through a small player with fewer resources to protect themselves from cyber risks," explains KPMG's partner and head of the Cybersecurity and Personal Data Protection division. Thanks to the trust that the supplier naturally has, the hacker continues to intrude as he goes along. "Attempted intrusions can take many forms," he says, with the example of "a Las Vegas casino being attacked through the aquarium maintenance provider."

In this case, identity theft is usually common. Cyber criminals can also take advantage of certain information that comes out of the company. For example, information related to activities that should be carried out within a certain framework.

Now access an unlimited number of passwords: