Written by Simon Whitburn, Global Senior Vice President of Cybersecurity Services, Nominet
What do you think about when you consider cyber security for your own organisation? No doubt you’ll look to protect the corporate network: the systems, digital assets and datacentres that form the information backbone of your organisation. You will probably consider securing your endpoints — retail banks, for instance, often provide customers security software to help protect online banking services. But how do you go about considering the cyber security of your supply chain?
The supply chain is incredibly vulnerable to security threats and the more complex it is, the greater the vulnerability. As systems of multiple partners spread throughout diverse geographies, using different security standards, supply chains become relatively easy to interfere with and the security implications are vast.
For instance, even if untrue, the claim that China was able to install surveillance chips on a US company’s servers, which were then shipped to some of the world’s biggest brands, shows just how such a supply chain-based attack could pan out and how easy it would be to initiate a data exfiltration attack through a weak link in the supply chain. In our globalised world it’s vital that companies have deep insight into their supply chains and are able to secure them end-to-end.
Securing the supply chain
This is as true of the data supply chain as it is of the traditional physical supply chain. One of the greatest threats facing businesses is that a data breach at a supply chain partner yields data that can then be used for a sophisticated attack on their organisation. Indeed, such attacks are commonplace: organisations including Target, the IRS and Home Depot have all been victims of data breaches at third parties.
Data exfiltration is also a key concern when it comes to the data supply chain. As businesses increasingly adopt cloud services, they are, in effect, outsourcing their data management to supply chain partners. Much of this data is highly sensitive and represents a compelling target for black hat hackers. Indeed, there are documented attacks where data aggregators have been targeted through such data exfiltration techniques.
Protecting the enterprise from vulnerabilities in the supply chain is therefore a significant task. It requires all supply chain partners to coordinate their security approaches and hold themselves to appropriately high standards. It is incumbent on businesses to audit potential supply chain partners, including their cloud IT service providers, to ensure their security approaches are fit-for-purpose and that there’s adequate visibility into their processes. In a globalised system, security must be coordinated.
The role of DNS protection
However, organisations need to take additional measures to protect themselves from attacks that leverage data stolen from supply chain partners. These attacks can fool authentication systems or be used to launch social engineering attacks. In these cases, organisations need an additional layer of protection to authenticate network traffic. It’s here that deep packet inspection at the Domain Name System (DNS) layer comes into its own. By analysing DNS data in real time, enterprises can pick up on malware, phishing attacks, data exfiltration and other security threats that might leverage weaknesses in third party systems. It will protect your core business even if there’s a breach somewhere in your supply chain.
Last year, supply chain cyber attacks increased by 200%. It seems likely that cyber criminals are increasingly aware of the vulnerabilities of supply chains and are looking to exploit them. Organisations need to immediately review their supply chain security framework, standardise it and embed the highest levels of security. And internally, businesses need to step up efforts to authenticate network traffic and identify potential attacks at speed. The race is on.
Originally posted here
Originally published at digileaders.com on January 16, 2019.