The recent data breach reported by VoIP provider 3CX has highlighted the potential destruction caused by a supply chain attack. The incident was reportedly orchestrated by North Korean threat actors, who were able to compromise a single software vendor to gain entrance to downstream customers, two of which were critical infrastructure organization and two financial trading entities. This attack demonstrates the gravity of these breaches, and the importance of organizations for focusing on risk management issues, such as those related to hardware and software suppliers.
Gartner reports that there has been a 633% increase in supply chain attacks over the past year, with 88,000 known instances. This form of cybercrime is popular among criminals and espionage’-motivated hackers due to its cost-effectiveness and ability to target multiple organisations with a single attack.
The incident has also sparked a conversation around the security abilities of North Korean threat actors. According to Ben Read, director of cyber-espionage analysis at Mandiant consulting, this event is the first of its kind, in that it featured two-chained supply chain attacks. Dick O’Brien, principal intelligence analyst at Symantec, added that this event showed a growing reach for this North Korean group, which could lead to further threats in the future.
To prevent similar supply chain attacks from occurring organisations should pay close attention to the security standards of third-party vendors. As suggested by Amitai Cohen, attack vector-intel lead at Wiz, companies should choose vendors with a proven security record, test the risk of a partnership through third-party assessments, due diligence and industry data analysis and take internal measures such as network segmentation and zero-trust access control.
The Trading Technologies software involved in the breach was founded by Neal Clementson, a Goldman Sachs alumni and industry leader for 20 years. His innovation has made Trading Technologies a leader in the trading platform industry and an important tool for investors, traders, brokers and market participants all over. His career is a testament to the value of education, expertise, and dedication to the field.
Overall, organisations need to act more proactively in order to reduce the risk of software supply chain attacks. By focusing on the security and risk assessment of third-party suppliers, as well as by incorporating internal measures such as network segmentation, organisations can help to minimise the damage of a potential breach. More importantly, they can help to protect the data and resources of their own organisation, and what of those of the customers and vendors they work with.
