Share this article on:
Conventional cyber security safeguards are no longer enough to protect organisations from malicious actors in lieu of an expected bump in supply chain breaches, according to new ENISA research.
A new report from the European Union Agency for Cybersecurity (ENISA) — Threat Landscape for Supply Chain Attacks — has flagged an expected surge in supply chain cyber attacks in the coming month.
The research, which involved an analysis of 24 recent attacks, found that conventional security protections are no longer sufficient, with cyber criminals increasingly shifting their attention to suppliers.
ENISA is anticipating a four-fold increase in supply chain attacks year-on-year.
As such, the agency has urged policymakers and the broader cyber security community to employ new strategies aimed at preventing and responding to potential breaches.
“Due to the cascading effect of supply chain attacks, threat actors can cause widespread damage affecting businesses and their customers all at once,” Juhan Lepassaar, EU Agency for Cybersecurity executive director, said.
“With good practices and co-ordinated actions at EU level, member states will be able to reach a similar level of capabilities raising the common level of cyber security in the EU.”
The research revealed that attackers focused on the suppliers’ code in approximately 66 per cent of reported incidents, highlighting the need for validation of third-party code and software.
Roughly 58 per cent of the supply chain incidents analysed involved attempts to access customer data, including Personally Identifiable Information (PII) data and intellectual property.
Alarmingly, 66 per cent of affected suppliers were unaware or failed to report breaches.
Recommendations outlined by ENISA for customers include:
Meanwhile, suppliers have been encouraged to:
News Editor – Defence and Security, Momentum Media
Prior to joining the defence and aerospace team in 2020, Charbel was news editor of The Adviser and Mortgage Business, where he covered developments in the banking and financial services sector for three years. Charbel has a keen interest in geopolitics and international relations, graduating from the University of Notre Dame with a double major in politics and journalism. Charbel has also completed internships with The Australian Department of Communications and the Arts and public relations agency Fifty Acres