A supply-chain attack, also known as a value chain or third-party attack, occurs when cybercriminals gain unauthorized access to software, services, networks, or hardware from the suppliers in a supply chain. By attacking a supplier at the source, the criminals effectively plant a trojan horse for the customers that use the services or networks of a compromised supplier.
These attacks are usually complex because of the large number of parties or customers involved, which sometimes exceed the hundreds or even tens of thousands. This is why companies need to cherry-pick the partners they work with because it may be difficult to locate the source of the attack.
The scale of supply-chain attacks was on full display in 2020 when SolarWinds, a major U.S. software company, had its IT monitoring system known as Orion compromised. This eventually affected more than 30,000 entities that used Orion. The third-party attack served as a springboard to target several victims even without directly attacking them.
Supply-chain attacks take various forms ranging from software, firmware, to hardware attacks. They can be prevented by strengthening entry points.