Securing Weak Links in Supply Chain Attacks

We’ve all heard the saying, “you’re only as strong as your weakest link.” Whether we are talking about a tug of war on the playground, a sports team, or a business, it rings as true as ever.

Every business relies on a series of suppliers and vendors—be it the dairy farm supplying milk to the multinational food manufacturer or the payment systems that retailers use. These links form supply chains that every business, large and small, deals with. There is simply no way around it. With an increasingly complex series of vendors and workflows comes increased risk.

What is a supply chain attack?

A supply chain attack is a cyber attack that occurs when a threat actor compromises your system through a third-party partner that has access to your systems and data. Typically, the vendor with the weakest cyber security is targeted.

A survey by Anchore found that 3 out of 5 companies were exposed to a supply chain attack in 2021 due to the global nature of business and the number of different technologies and vendors used.

An attack on your provider affects you too

The last two years have seen a few notable supply chain attacks. In late 2020, SolarWinds, an IT software provider to many U.S. federal government agencies and private sector companies, experienced a security breach. Its IT inventory management product was laced with malware, which led to a further compromise of at least 18,000 of its clients, who found signs of the malware in their systems.

Less than six months later, in May 2021, a major U.S. oil company, Colonial Pipeline, suffered a ransomware cyberattack; bad actors demanded millions in Bitcoin to restore the computerized systems that were compromised by the hackers. It was reported that an employee’s virtual private network (VPN) account that didn’t have multi-factor authentication had been breached, allowing the attackers access to the company’s network. The attackers made away with 100 GB of data and encrypted IT systems to extort a ransom. Fearing an attack on the operational technology that controls its fuel distribution, the company shut down its entire pipeline system. The company transports about 2.5 million barrels of fuel daily, and this sudden shutdown not only drastically reduced supplies, but news of it also resulted in panic buying that exacerbated fuel shortages. Many sectors rely on fuel, and the impact of this attack was unprecedented.

And if that wasn’t enough, in October 2021, Schreiber Foods, the largest cream cheese manufacturer in the U.S., was disrupted by a ransomware attack that impacted its ability to “receive raw materials, ship product, and produce product.” This is a perfect example of the impact of supply chain events due to timing—it occurred at the height of the cream cheese season. On top of existing pandemic-driven challenges in manpower and logistics, the attack resulted in price spikes in cream cheese due to low production supply (and the short shelf life of cream cheese) and also had a farther-reaching impact on the retail and foodservice sectors.

Domain security as your first line of defense

As the above cases illustrate, breaches due to malware and ransomware were common to these attacks. Research shows that phishing and related malware attacks most commonly originate from a compromised or hijacked legitimate domain name, a maliciously registered and confusingly similar domain name, or email spoofing. A cleverly social-engineered domain name could trick even the most discerning user into clicking on a link that installs malware or ransomware. By employing domain security controls to prevent the abuse of the domain name and domain name system (DNS), companies can reduce the risks of such breaches.

Domain security is a critical component to help mitigate cyberattacks in the early stages—your first line of defense in your organization’s Zero Trust model.
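To illustrate the "confusingly similar domain name" case above, here is an added example (not from the original article or from CSC) that flags look-alike sender domains against a protected one. The protected domain, the sample list and the function names are constructed; inputs are assumed to be registrable domains (no subdomains), and only ASCII tricks are covered, not Unicode homoglyphs.

```python
# Added example: flag domains that are confusingly similar to a protected domain.
# PROTECTED and SAMPLE are constructed values for illustration only.
PROTECTED = "example-corp.com"
SAMPLE = ["example-corp.com", "examp1e-corp.com", "exarnple-corp.com",
          "exampl-corp.com", "example-corp.net", "unrelated-vendor.org"]

# Digit-for-letter swaps commonly used in look-alike registrations.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def skeleton(label: str) -> str:
    """Fold digit swaps and the 'rn'/'m' and 'vv'/'w' pairs to one form."""
    folded = label.lower().translate(CONFUSABLES)
    return folded.replace("rn", "m").replace("vv", "w")

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert, delete, substitute), computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(candidate: str, protected: str) -> str:
    """Return 'exact', 'lookalike' or 'unrelated' for a registrable domain."""
    cand = candidate.lower().rstrip(".")
    prot = protected.lower().rstrip(".")
    if cand == prot:
        return "exact"
    c_label = cand.partition(".")[0]   # name to the left of the first dot
    p_label = prot.partition(".")[0]
    if c_label == p_label:
        return "lookalike"             # same name under a different TLD
    # Distance 0 after folding = character swap; distance 1 = single typo.
    if edit_distance(skeleton(c_label), skeleton(p_label)) <= 1:
        return "lookalike"
    return "unrelated"

def flag_lookalikes(domains, protected):
    """Domains from the list that deserve review as possible impersonation."""
    return [d for d in domains if classify(d, protected) == "lookalike"]

if __name__ == "__main__":
    for domain in SAMPLE:
        print(f"{domain:24} {classify(domain, PROTECTED)}")
```

A distance threshold of 1 produces false positives on very short names, so results are a review queue rather than a block list.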

Preventing a supply chain attack

All industries are susceptible to a supply chain attack, and there certainly are measures companies can take to mitigate the threat.

  • Know your vendors. First and foremost, audit your supply chain vendors. Choose your vendors carefully, and only use those that are enterprise-class with robust security practices and policies.
  • Control access. Keep track of access to key third-party applications, as well as limit network access to third-party tools wherever possible. Understand the subcontractors your third-party vendors have that could potentially introduce a fourth-party risk.
  • Follow government advisories. The scale and severity of the recent incidents have prompted many government agencies and security firms to release frameworks and best practices to defend against such attacks. Follow the guidelines and ensure your vendors follow them too.
  • Train your employees. According to the Cybersecurity and Infrastructure Security Agency (CISA), most cyberattacks—including ransomware and business email compromise (BEC)—begin with phishing. Train employees on security awareness to reduce this risk.
  • Enhance your domain security posture. Use a Domain Security Checklist based on a defense-in-depth approach to enhance your security posture.

By Vic DeBari, Global Director, Advisory and Engagement at CSC
