Red Hot Cyber


What are supply chain attacks? A more concrete threat than ever.

Redazione RHC : 14 July 2025 07:26

As businesses become increasingly dependent on technology, connectivity, and third parties in general, supply chain attacks are becoming more common. These attacks are aimed at compromising companies through their suppliers and business partners.

Supply chain attacks can pose a significant threat to businesses and organizations, as they can compromise their security and that of the products and services they provide to customers.

In this article, we’ll explore the phenomenon of supply chain attacks: what they are, how a supply chain attack occurs, the most common attacks, how organizations can protect themselves from these threats, and how to choose suppliers.

What is a supply-chain attack

Supply-chain attacks are malicious acts perpetrated by attackers against one or more organizations in the supply chain of products or services.

These attacks can occur through a variety of methods, including the infiltration of malware or ransomware into one of the parties in the supply chain, the insertion of malicious hardware or software components into products or services provided by a supplier, or the interception of sensitive information during data transmission between parties in the supply chain.

Supply chain attacks pose a particularly serious threat to businesses, as they can compromise the security of the products and services provided to customers. For example, a supply chain attack against a medical device manufacturer could compromise the security of the devices themselves, putting patients’ health at risk.

In short, a cybercriminal targeting a large company could take advantage of security vulnerabilities in a supplier’s IT infrastructure to attack that company.

How to choose a service provider

There are several things you can evaluate when choosing a supplier to reduce the risk of a supply chain attack. The main ones are:

  1. Cybersecurity: Before choosing a supplier, it’s important to evaluate their ability to protect your IT systems and sensitive data from potential attacks. You should evaluate the vendor’s cybersecurity measures, such as encryption, password management, firewall security, backup policies, and access management.
  2. Security certifications and standards: Vendors that comply with security standards and certifications, such as ISO 27001, SOC 2, and PCI DSS, are generally more reliable when it comes to cybersecurity. Ensuring the vendor has appropriate certifications can be a good indicator of their security focus.
  3. Vendor history: Checking the vendor’s reputation and reliability is important to understand their history and track record. You should seek information about previous security breaches and how the supplier handled them.
  4. Risk Assessment: It is important to assess the risk of a supply chain attack for each supplier. For example, suppliers using older (technologically obsolete) or less secure technologies may pose a greater risk.
  5. Supplier security policies: It is important that the supplier has robust and well-documented security policies that specify procedures to ensure supply chain security.
  6. Data protection: It is important that the supplier uses data protection measures, such as encryption, to protect sensitive customer information during transmission and storage.

In summary, choosing a reliable and experienced supplier with a solid reputation, adequate security standards, a positive track record, and documented security policies can help reduce the risk of a supply chain attack.

The importance of contractual measures and control

Companies can take several measures to protect themselves from supply chain attacks. First, it’s important for companies to conduct a risk assessment to identify weaknesses in their supply chain and develop a risk mitigation plan. Some specific measures companies can take include:

  1. Supplier Verification: Companies should verify the security and reputation of their suppliers. Companies should have processes in place to verify supplier identities and their security policies.
  2. Contracts: Companies should include security clauses in contracts with suppliers. These clauses should define the parties’ responsibilities for data and system security.
  3. Supply Chain Monitoring: Companies should continuously monitor their supply chain for suspicious activity. This may include the use of threat monitoring software and advanced security solutions.

The importance of contractual-level security measures

One of the most important protections against supply chain attacks is to write specific security requirements into the contract between the client and the supplier, and to carry out specific recurring checks to verify that these requirements have been properly implemented.

Obviously, the security requirements that must be included in the contracts must be identified through specific risk analyses that must be performed on the contracted service.

Including specific penalties within the contract for failure to implement security requirements provides an excellent incentive for supplier companies to implement proper IT security on the IT infrastructures made available to the Client.

Security measures within contracts are very important for protecting the supply chain. However, their effectiveness depends on the company’s ability to enforce these clauses. Auditing activities performed by the client are essential to ensure that suppliers comply with security clauses and that the company’s data and systems are adequately protected.

Furthermore, third-party companies should also continuously monitor their own systems and networks for suspicious activity and take preventative actions to mitigate the risk of supply chain attacks. This may include using threat monitoring software and advanced security solutions.

Ultimately, securing the supply chain is a critical challenge for all businesses. However, adopting adequate security measures and monitoring them over time allows companies to reduce the risk of attacks and ensure adequate levels of security.

What have been the most famous supply chain attacks?

Supply chain attacks have become increasingly common in recent years, and several security reports point to a growing threat of these types of attacks.

One of the most notable recent supply chain attacks was the distributed ransomware attack on Kaseya, a US-based IT management software company. In the summer of 2021, a Russian-based cybercriminal group known as REvil exploited a zero-day vulnerability in one of Kaseya’s solutions to introduce ransomware payloads into software update packages.

Once all clients had downloaded the software update, the ransomware spread to hundreds of Kaseya customers. This attack caused significant damage to many businesses, including hospitals, healthcare centers, government agencies, and companies of various sizes, and it highlighted the importance of this type of cyberattack.

Even earlier, another well-known supply chain attack targeted SolarWinds, a US network management software company. In 2020, an unknown attacker compromised SolarWinds’ update software, inserting malware known as SUNBURST into the update package distributed to SolarWinds customers.

This attack compromised several US government agencies and many other organizations around the world.

Another well-known attack involved the CCleaner software. In 2017, a group of attackers compromised the CCleaner registry cleaner distributed by the cybersecurity company Avast. The attackers used this backdoor to distribute malware to several CCleaner users around the world.

Redazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.
