Introduction
What is supply chain cyber-security?
Supply chain cyber-security mostly involves protecting an organization's software and services from cyber-attacks against products. These include sourcing, vendor management, supply chain continuity and quality, transportation security and many other functions across the enterprise and require a coordinated effort to address.
What exactly is a supply chain?
It is the chain of manufacturing of raw materials in a company, which contains moving parts; this could be raw materials, suppliers, manufacturers, distributors, customers and even consumers. An attacker could choose to attack any one of these and continue attacks downstream on that chain. These are a linked set of resources and processes between multiple tiers of developers that begins with the sourcing of products and services and extends through the design, development, manufacturing, processing, handling, and delivery of products and services to the acquirer.
How are supply chain attacks done?
It’s normally done through loopholes left in the device software, which attackers use to insert malicious code into the software to exploit the supply chain by sending it out as a system update to the vendor’s clients, or by means of compromising network components and protocols. These components can be compromised by means of performing offensive security in an illegal manner by an attacker. Examples can include SQL Injection Attacks, and similar.
What are some of the dangers of supply chain attacks?
Some of....
Thanks. This is going to be good.