What is 'Supply Chain Attack'

A supply chain attack is a cyberattack that attempts to inflict damage to a company by exploiting vulnerabilities in its supply chain network. A supply chain attack entails continuous network hacking or infiltration processes to gain access to a firm’s network. More than 60% of cyberattacks originate from the supply chain or from external parties exploiting security vulnerabilities within the supply chain, according to a 2016 survey by Accenture.

BREAKING DOWN 'Supply Chain Attack'

The supply chain network is a frequent targets for cyber crimes, as a weak link in the supply chain can grant the cyber criminals access to the larger organization in custody of the data sought after. Supply chain attacks expose a conundrum in a company’s supply network which discloses that an organization’s cyber security controls are only as strong as that of the weakest party on the chain.

The adoption of various forms of emergent technology has brought about an enormous amount of data in various forms. Through resources like the internet, cell phones, and cloud computing, companies can now electronically obtain data and share it with their partners and third party vendors. Entities like individuals, businesses, and governments believe that that relevant information that can be mined from the data set can be used to better improve their operations and processes, and thus, improve their customer engagement. But the exchange of data conducted among various companies brings with it a certain level of risk which entails cyber theft. Sophisticated cyber criminals also realize the importance of the data held by companies and device strategies to gain access to the sensitive data. 

The drive to minimize operational costs through technological progress brought about the need for a supply network. A company’s supply network usually consists of third party entities like manufacturers, suppliers, handlers, shippers, and purchasers all involved in the process of making products available to the end consumers. Because the target company may have a security system that may be impenetrable for even the sophisticated cyber criminals, supply chain attacks are carried out on the third party businesses on the chain who are deemed to have the weakest internal measures and processes in place. Once one member’s security protocols are found to be weak, the member’s vulnerabilities become the target company’s risk.

Examples of Supply Chain Attacks

There are several ways a supply chain can be attacked. Theft of a vendor’s credentials can lead to the infiltration of the companies affiliated with the vendor. For example, Target was the victim of a supply chain attack in 2013. Its security measures were breached when one of its third-party’s security credentials was compromised. The credentials typically included login, passwords, and network access to Target’s computer. The vendor’s questionable security practices allowed hackers to gain entry into Target’s system resulting in the theft of 70 million customers’ personally identifiable information. The aftermath of the breach led to the CEO’s resignation and enormous costs for the company which topped $200 million.

Another way a supply chain can be attacked is through malicious software, popularly known as malware. By embedding malware such as worms, viruses, spyware, Trojan horses, along with counterfeit components that modify the source codes of a manufacturer’s software, cyber attackers can gain entry into the target company’s files and steal its proprietary information.

RELATED TERMS
  1. Supply Chain

    A supply chain is a network of entities and people that work ...
  2. Zero Day Attack

    Zero Day Attack is an attack that exploits a potentially serious ...
  3. Supply

    Supply is a fundamental economic concept that describes the total ...
  4. Data Breach

    A data breach is an unauthorized access and retrieval of sensitive ...
  5. Eavesdropping Attack

    An eavesdropping attack is an incursion where someone tries to ...
  6. 51% Attack

    51% attack refers to an attack on a blockchain – usually bitcoin's, ...
Related Articles
  1. Personal Finance

    Why You Should Consider A Career In Supply Chain Management

    Supply chain managers ensure that increasingly global companies can coordinate distant sources of materials, labor, and manufacturing to successfully bring products to market.
  2. Tech

    SWIFT Attacks: Hackers Strike Again

    The recent SWIFT cyberattack has revealed connections to the earlier Bangladesh and Sony attacks.
  3. Financial Advisor

    Your Financial Advisory Firm Has Been Hacked. Now What?

    Taking the right steps following a cyber attack can mitigate the impact on clients.
  4. Insights

    5 Ways Your Small Business Is at Risk for a Cyber Attack

    Small business owners think they are immune to hacks because of their size, but they are not. When they find the guard is down, hackers are exploiting common weakness.
  5. Small Business

    Value chain analysis: The basics

    Value chain analysis establishes an action plan to understand and implement activities that create values to a firm's clients, resulting in firm profits.
  6. Investing

    13 Ways to Invest in Cybersecurity

    Rarely a week goes by without a new media story about data breaches, hacking schemes or cyber attacks impacting individuals, companies and even governments. Four top investment experts who contribute ...
  7. Insights

    Who Stands To Lose (And Gain) From The Paris Attacks

    For every major world event, there are those who stand to lose and those who stand to gain. A look at the short, medium, and long-term impacts of the Paris attacks.
  8. Tech

    Prevent Employees From Hacking You Computer System

    Cyber security attacks from a current or ex-employee can cause a lot of pain. Here is how to avoid such attacks.
  9. Tech

    A New Economic Threat: State-Sponsored Hacking

    State sponsored hacking attempts are becoming a major cause of concern to the US. Here is a list of US sectors most vulnerable to state-sponsored hacking.
  10. Insights

    Chain Launches Blockchain Open Source Developer Platform (MSFT, NDAQ)

    San Francisco-based blockchain technology solutions provider Chain, Inc., has recently released ‘Chain Core Developer Edition,’ a free and open source version of its distributed ledger platform ...
RELATED FAQS
  1. Value chain analysis: What are the advantages and disadvantages?

    Learn about the five activities that make up a generic value chain, and understand the advantages and disadvantages of value ... Read Answer >>
  2. How does a strong value chain management team help a company?

    Understand what makes up a company's value chain and the point of a value chain. Learn how a strong value chain management ... Read Answer >>
  3. Is demand or supply more important to the economy?

    Learn more about the impact of supply and demand in an economy. Find out why companies study supply and demand as part of ... Read Answer >>
  4. What is a "daisy chain"?

    A daisy chain is a term used to describe a group of investors who engage in activities that inflate or deflate the price ... Read Answer >>
  5. What are the most famous instances of backward integration?

    Learn more about backward integration in the supply chain and see how two famous examples, Carnegie Steel and Apple, used ... Read Answer >>
  6. Why do supply shocks occur and who do they negatively affect the most?

    Take a deeper look at the nature of supply shocks, an economic phenomenon that dramatically changes the equilibrium level ... Read Answer >>
Hot Definitions
  1. Cryptocurrency

    A digital or virtual currency that uses cryptography for security. A cryptocurrency is difficult to counterfeit because of ...
  2. Financial Industry Regulatory Authority - FINRA

    A regulatory body created after the merger of the National Association of Securities Dealers and the New York Stock Exchange's ...
  3. Initial Public Offering - IPO

    The first sale of stock by a private company to the public. IPOs are often issued by companies seeking the capital to expand ...
  4. Cost of Goods Sold - COGS

    Cost of goods sold (COGS) is the direct costs attributable to the production of the goods sold in a company.
  5. Profit and Loss Statement (P&L)

    A financial statement that summarizes the revenues, costs and expenses incurred during a specified period of time, usually ...
  6. Monte Carlo Simulation

    Monte Carlo simulations are used to model the probability of different outcomes in a process that cannot easily be predicted ...
Trading Center