Supply Chain Attack


Definition

A supply chain attack occurs when an attacker compromises a trusted third party, product, or process so that the victim is infected or exposed through normal business operations. Instead of attacking the target directly, the attacker abuses trust in software updates, vendors, service providers, or components that the target relies on.

Examples

  • A legitimate software update is compromised and delivers malware to customers who install it.
  • An attacker breaches a managed service provider and uses its remote access tools to reach multiple client networks.

Discover 🔎

Most security programs focus on protecting the organization’s own systems, but modern organizations depend on many external suppliers. Software vendors, cloud providers, contractors, managed service providers, and open-source components all become part of your environment. Supply chain attacks exploit this reality. They succeed by turning something trusted into a delivery path.

Remember: In a supply chain attack, the attacker does not break the front door. They come in through something you already trust.