11 September 19, 06:27
Quote:
Small business owners may think their companies are too insignificant to become a target for cybercriminals. There is a certain logic in that: Attackers look for maximum profit from minimum effort. But two additional points are important to consider. First, large companies spend solid budgets on defense and therefore are harder to attack. Second, another option may be more attractive — an attack through the supply chain. Malefactors can compromise one company and get to hundreds of small firms.
Attacks through the supply chain
Being attacked through a supply chain typically means that a service or program that you have used for some time has become malicious. Over the past few years, we have seen several similar incidents with varying degrees of complexity and destructiveness. Here are a couple of the loudest.
ExPetr ransomware outbreak
While focusing on the destructive consequences of ExPetr (aka NotPetya), few people recall how it began. That’s a shame: One of its distribution vectors practically defines “supply-chain attack.” Attackers compromised the automatic update system of accounting software called M.E.Doc, forcing it to deliver the ransomware to all customers. As a result, ExPetr caused millions in losses, infecting both large companies and small businesses.
The CCleaner incident
CCleaner is one of the most famous programs for system registry cleaning. It is widely used by both home users and system administrators. At some point, attackers compromised the program developer’s compilation environment, equipping several versions with a backdoor. For a month these compromised versions were distributed from the company’s official websites. They were downloaded 2.27 million times.
...