Software supply chains are proving easy pickings for cybercriminals


Supply Chain

(Image credit: / TMLsPhotoG)

Software supply chain attacks are proving to be a winning strategy for cybercriminals looking to compromise large organizations and wreak havoc across their IT infrastructure, new research has said.

A report from BlackBerry found the vast majority (74%) has companies had received a notification of an attack, or vulnerability, in their software supply chain in the last 12 months.

As risk grows, so do the enterprises’ efforts to mitigate it, the report further explained. More than half (54%) deployed data encryption, and a similar percentage (47%) is regularly training their staff on cybersecurity. Multi-factor authentication (MFA) has been deployed by 43% of the survey respondents.

Trojan horse

At the same time, the majority (68%) of IT leaders believe their software supplier’s cybersecurity policies are at least comparable, if not stronger than (31%) those they have implemented. Finally, nearly all (98%) of the respondents were confident in their suppliers’ ability to identify and prevent the exploitation of a vulnerability within their environment.  

A software supply chain attack turns a software supplier into an unwitting Trojan horse for the victim organization. Since most enterprises have tightened up on cybersecurity, it has gotten more difficult to break in. However, software suppliers might not have the same security measures, and thus could be easier to compromise. From there, hackers can infect the software with malicious code and open the doors to the kingdom from the inside.

Operating systems (32%) and web browsers (19%) continue to create the biggest impact for organizations, the report concludes. 

Organizations suffering a software supply chain attack feel the sting of financial loss (62%), data loss (59%), reputational damage (57%), and operational impact (55%). Almost two in five (38%) take up to a month to recover. 

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

More from TechRadar Pro

  • Most data breaches on enterprise attack the supply chain
  • Here’s a list of the best firewalls around today
  • These are the best endpoint security tools right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.


Please enter your comment!
Please enter your name here

Share post:



More like this

Season 4 of The Boys Is an 8-Episode Beginning of the End

ALL GOOD THINGS must come to an end. Especially...

65 Best Golf Gifts for Father’s Day

Best White T-ShirtsBare-Knuckle BoxingHow to Count MacrosTrue Story of...

Exactly How Much Water You Should Drink to Lose Weight

WEIGHT LOSS CAN be meticulous. Having to think about...

How to Barbell Deadlift With Proper Form

THERE ARE FEW more direct expressions of strength than...