{"id":42,"date":"2019-06-08T20:31:00","date_gmt":"2019-06-08T20:31:00","guid":{"rendered":"https:\/\/thecyberstaff.com\/?p=42"},"modified":"2025-12-13T20:33:36","modified_gmt":"2025-12-13T20:33:36","slug":"supply-chain-attacks","status":"publish","type":"post","link":"https:\/\/thecyberstaff.com\/?p=42","title":{"rendered":"Supply Chain Attacks"},"content":{"rendered":"\n

As more and more organizations secure their users, networks, and systems, attackers are finding more creative ways to access sensitive data. The supply chain attack<\/strong> in cyber security is one of these methods; it\u2019s affecting not only organizations but average users as well. In a supply chain attack, cyber criminals hack third-party vendors or service providers, thereby accessing your data through that third party. Three types of supply chain attacks are formjacking, third-party server compromise and hacked software updates.<\/p>\n\n\n

\n
\"Making<\/figure>\n<\/div>\n\n\n

1. Formjacking is something you should be aware of if you make online purchases. Cyber criminals have developed methods to steal your credit card information after you enter it on a website. They inject malicious JavaScript code that sends them all the information you input. The only prevention for this is for website owners to better monitor their sites for unusual activity. For the consumers that shop online, monitor your bank statements for purchases you did not make.<\/p>\n\n\n

\n
\"Microsoft<\/figure>\n<\/div>\n\n\n

2.Third-party server compromise involves cyberattacks on outside vendors. For most organizations that have complex IT systems, working with third-party vendors can serve a great advantage. Vendors can offer a service that ends up being cheaper than personnel and training required to spin up that service in-house. When a vendor provides an IT service, they usually need to put a server on your network or have your network communicate with their server in the cloud. Cyber criminals will target the vendor\u2019s servers to gain a point of entry into an organization’s network. When working with a third party in this capacity, it\u2019s very important to audit their security posture and confirm they are protecting against these types of attacks.<\/p>\n\n\n

\n
\"How<\/figure>\n<\/div>\n\n\n

3. Hacked software updates occur when cyber criminals exploit third-party servers by adding malicious code to their software updates. In the last year, Dell and Asus both had applications compromised that delivered malicious software updates. Fortunately, the cyber security community exposed these threats and both Dell<\/a> and ASUS<\/a> provided fixes for the problems. The best way to stay secure in these types of attacks is to pay attention to recent security news and have a good understanding of the software you use.<\/p>\n\n\n\n

Supply chain attacks are just one new method cyber criminals are using to compromise systems. As the systems become more secure, criminals will find more creative ways in. Technology provides us with many conveniences, including increased productivity. However, with that benefit comes a dark side. The best way to combat the negative side of technology is to continue learning how to use it and secure it correctly. By being a lifelong learner and educating yourself about the tools you use, you\u2019re better equipped to prevent such attacks and protect your information.<\/p>\n","protected":false},"excerpt":{"rendered":"

As more and more organizations secure their users, networks, and systems, attackers are finding more creative ways to access sensitive data. The supply chain attack in cyber security is one of these methods; it\u2019s affecting not only organizations but average users as well. In a supply chain attack, cyber criminals […]<\/p>\n","protected":false},"author":1,"featured_media":40,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-42","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity"],"brizy_media":[],"_links":{"self":[{"href":"https:\/\/thecyberstaff.com\/index.php?rest_route=\/wp\/v2\/posts\/42","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/thecyberstaff.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/thecyberstaff.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/thecyberstaff.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/thecyberstaff.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=42"}],"version-history":[{"count":1,"href":"https:\/\/thecyberstaff.com\/index.php?rest_route=\/wp\/v2\/posts\/42\/revisions"}],"predecessor-version":[{"id":43,"href":"https:\/\/thecyberstaff.com\/index.php?rest_route=\/wp\/v2\/posts\/42\/revisions\/43"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/thecyberstaff.com\/index.php?rest_route=\/wp\/v2\/media\/40"}],"wp:attachment":[{"href":"https:\/\/thecyberstaff.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=42"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/thecyberstaff.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=42"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/thecyberstaff.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=42"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}