Supply Chain Attack
A supply chain attack targets an organization by compromising a less-secure element in its supply chain — a software vendor, service provider, hardware supplier, or managed service provider. Instead of attacking the target directly, the adversary compromises a trusted vendor and uses that relationship to deliver malware or gain access to the target's environment.
High-profile supply chain attacks like SolarWinds (2020) and Kaseya (2021) demonstrated the devastating potential of this attack vector. Thousands of organizations were compromised through trusted software updates from their vendors. These attacks are particularly dangerous because the malware comes from a trusted source that security tools may not scrutinize closely.
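One concrete defensive control that follows from the paragraph above is to treat vendor updates as untrusted input until their integrity has been confirmed against a value recorded out of band, and to watch for a released version whose published hash later changes. The Python below is an added illustration, not code from the original page or from any vendor it names: the vendor name, version and artifact bytes are constructed sample data. Note the limit the SolarWinds case exposes: an artifact built and signed by a compromised vendor pipeline will match whatever hash that vendor publishes, so the pinned value must come from a channel independent of the download, and the drift check only catches tampering that happens after release.

```python
from __future__ import annotations

import hashlib
import hmac

# Constructed sample data (not from the original page): a fake vendor release
# and a version of it with extra bytes appended to stand in for a modified build.
GOOD_ARTIFACT = b"vendor-agent-2.1.0: legitimate build bytes"
TAMPERED_ARTIFACT = b"vendor-agent-2.1.0: legitimate build bytes + injected payload"


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of an artifact's bytes."""
    return hashlib.sha256(data).hexdigest()


def verify_update(
    artifact: bytes, pinned_manifest: dict, vendor: str, version: str
) -> tuple[bool, str]:
    """Refuse an update unless its hash matches the value pinned out of band.

    pinned_manifest maps (vendor, version) -> expected SHA-256 hex, recorded
    from a channel independent of the download itself (for example the
    vendor's release notes confirmed against a second source). Missing entries
    fail closed: an unknown version is not installed.
    """
    expected = pinned_manifest.get((vendor, version))
    if expected is None:
        return False, "no pinned hash for %s %s; install blocked until one is recorded" % (vendor, version)
    actual = sha256_hex(artifact)
    # Constant-time comparison so the check itself leaks nothing about the expected value.
    if not hmac.compare_digest(actual, expected):
        return False, "hash mismatch for %s %s: expected %s, got %s" % (vendor, version, expected, actual)
    return True, "hash matches pinned value for %s %s" % (vendor, version)


def manifest_drift(pinned_manifest: dict, published_manifest: dict) -> list[str]:
    """Compare the vendor's currently published hashes against the pinned ones.

    A released version should be immutable. If the vendor's listing now shows a
    different hash for a version already recorded, the artifact changed after
    release (a silent rebuild, a modified download server, or a compromise) and
    that change deserves investigation before any further installs.
    """
    alerts = []
    for key, pinned_hash in sorted(pinned_manifest.items()):
        published_hash = published_manifest.get(key)
        if published_hash is None:
            alerts.append("%s %s: no longer listed by vendor" % key)
        elif not hmac.compare_digest(published_hash, pinned_hash):
            alerts.append("%s %s: published hash changed after release" % key)
    return alerts


if __name__ == "__main__":
    # Pin the hash of the release as confirmed out of band, then check both artifacts.
    pinned = {("ExampleVendor", "2.1.0"): sha256_hex(GOOD_ARTIFACT)}
    print(verify_update(GOOD_ARTIFACT, pinned, "ExampleVendor", "2.1.0"))
    print(verify_update(TAMPERED_ARTIFACT, pinned, "ExampleVendor", "2.1.0"))
    # Simulate the vendor's download page later advertising a different hash for 2.1.0.
    published = {("ExampleVendor", "2.1.0"): sha256_hex(TAMPERED_ARTIFACT)}
    for alert in manifest_drift(pinned, published):
        print("ALERT:", alert)
```

In practice the pinned manifest would be kept in version control with a change review, and manifest_drift would run on a schedule against the vendor's published checksums, so a post-release change raises an alert to the incident response process rather than silently flowing into the next patch window.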
Why It Matters
Supply chain risk management is addressed in CMMC requirements, and the DoD increasingly scrutinizes contractor supply chains. Evaluating your vendors' security practices, monitoring for supply chain compromises, and having incident response plans for vendor-related breaches are practical necessities.