What is 'Supply Chain Attack'

A supply chain attack is a cyberattack that attempts to inflict damage to a company by exploiting vulnerabilities in its supply chain network. A supply chain attack entails continuous network hacking or infiltration processes to gain access to a firm’s network. More than 60% of cyberattacks originate from the supply chain or from external parties exploiting security vulnerabilities within the supply chain, according to a 2016 survey by Accenture.

BREAKING DOWN 'Supply Chain Attack'

The supply chain network is a frequent targets for cyber crimes, as a weak link in the supply chain can grant the cyber criminals access to the larger organization in custody of the data sought after. Supply chain attacks expose a conundrum in a company’s supply network which discloses that an organization’s cyber security controls are only as strong as that of the weakest party on the chain.

The adoption of various forms of emergent technology has brought about an enormous amount of data in various forms. Through resources like the internet, cell phones, and cloud computing, companies can now electronically obtain data and share it with their partners and third party vendors. Entities like individuals, businesses, and governments believe that that relevant information that can be mined from the data set can be used to better improve their operations and processes, and thus, improve their customer engagement. But the exchange of data conducted among various companies brings with it a certain level of risk which entails cyber theft. Sophisticated cyber criminals also realize the importance of the data held by companies and device strategies to gain access to the sensitive data. 

The drive to minimize operational costs through technological progress brought about the need for a supply network. A company’s supply network usually consists of third party entities like manufacturers, suppliers, handlers, shippers, and purchasers all involved in the process of making products available to the end consumers. Because the target company may have a security system that may be impenetrable for even the sophisticated cyber criminals, supply chain attacks are carried out on the third party businesses on the chain who are deemed to have the weakest internal measures and processes in place. Once one member’s security protocols are found to be weak, the member’s vulnerabilities become the target company’s risk.

Examples of Supply Chain Attacks

There are several ways a supply chain can be attacked. Theft of a vendor’s credentials can lead to the infiltration of the companies affiliated with the vendor. For example, Target was the victim of a supply chain attack in 2013. Its security measures were breached when one of its third-party’s security credentials was compromised. The credentials typically included login, passwords, and network access to Target’s computer. The vendor’s questionable security practices allowed hackers to gain entry into Target’s system resulting in the theft of 70 million customers’ personally identifiable information. The aftermath of the breach led to the CEO’s resignation and enormous costs for the company which topped $200 million.

Another way a supply chain can be attacked is through malicious software, popularly known as malware. By embedding malware such as worms, viruses, spyware, Trojan horses, along with counterfeit components that modify the source codes of a manufacturer’s software, cyber attackers can gain entry into the target company’s files and steal its proprietary information.

  1. Denial Of Service Attack (DoS)

    A Denial Of Service Attack (DoS) is an intentional cyberattack ...
  2. Chain Store Sales

    An indicator that provides information on the monthly sales volumes ...
  3. Data Breach

    A data breach is an unauthorized access and retrieval of sensitive ...
  4. Value Chain

    A value-chain is a high-level model of how businesses receive ...
  5. Law of Supply and Demand

    The law of supply and demand explains the interaction between ...
  6. Option Chain

    An option chain is a listing of all puts, calls, and strike prices ...
Related Articles
  1. Personal Finance

    How Cyber Security Risks Impact Your Bank

    Cyber security has become a paramount concern for the banking sector, but some banks have been hesitant to implement much-needed security measures.
  2. Tech

    Why Tech Giants Are Acquiring Cyber Security Companies (SNE, HACK)

    Explore the factors behind the rise and consolidation of the cyber security segment, and the reasons why tech companies are targeting these firms for acquisition.
  3. Tech

    Can Blockchain Make Medications Cheaper and Safer?

    Blockchain-driven innovation has the potential to change the entire pharma lifecycle, from development through to delivery.
  4. Personal Finance

    Supply Chain Management Jobs Are Booming

    There has been huge growth in supply chain management, both in the number of positions open and the range of responsibilities assigned to those positions.
  5. Tech

    Legal Considerations for Your Cybersecurity Program

    Nearly every financial institution has experienced some sort of cyberattack over the last few years. It pays to create a cyber-secure environment.
  6. Financial Advisor

    Don't Hide From The Reality Of How Terrorism Affects The Economy

    After major terror attacks, most people don't want to think about economics. But the post-terror economy affects the lives of the whole world, so it's important to be knowledgeable.
  7. Small Business

    Value chain analysis: The basics

    Value chain analysis establishes an action plan to understand and implement activities that create values to a firm's clients, resulting in firm profits.
  8. Insights

    Chain Launches Blockchain Open Source Developer Platform (MSFT, NDAQ)

    San Francisco-based blockchain technology solutions provider Chain, Inc., has recently released ‘Chain Core Developer Edition,’ a free and open source version of its distributed ledger platform ...
  9. Tech

    Are Cybersecurity Stocks On Sale? (HACK)

    Cybersecurity stocks may be on sale, providing an opportunity for value investors. A high-profile attack or two could benefit the Cyber Security ETF (HACK)
  10. Tech

    Food and Supply Chains Industries Show New Interest in Blockchain

    Walmart is among a growing number of global brands aiming to harness the power of blockchain tech in food supply chains.
  1. What is the difference between a value chain and a supply chain?

    Learn the difference between a value chain and a supply chain, and why a company would want to maximize the value of both. Read Answer >>
  2. What are the primary activities of Michael Porter's value chain?

    Understand the primary activities of Michael Porter's value chain, and learn how a company can optimize those activities ... Read Answer >>
  3. What is a "daisy chain"?

    A daisy chain is a term used to describe a group of investors who engage in activities that inflate or deflate the price ... Read Answer >>
  4. How Does the Law of Supply and Demand Affect Prices?

    Learn how the law of supply and demand affects prices, as when one outweighs the other, prices can rise or fall in response. Read Answer >>
  5. What impact have terrorist attacks had on the insurance industry?

    Learn about the impact of terrorist attacks on the insurance industry and how the 9/11 terrorist attack led to important ... Read Answer >>
  6. Who are Rite Aid's (RAD) main competitors?

    Learn about Rite Aid Corporation, the third-largest drugstore chain in the United States, and its major competitors in the ... Read Answer >>
Trading Center