The European Union Agency for Cybersecurity (ENISA) has analyzed 24 recent software supply chain attacks – including those through SolarWinds Orion, Mimecast, Codecov and Kaseya – and concluded that strong security protection is no longer enough as supply chain attacks continue to worsen.
ENISA’s report found that 66% of supply chain attacks focus on the supplier’s code, while malware is the attack technique used in 62% of attacks. Expert comment from Ilia Kolochenko, Founder of ImmuniWeb and a member of Europol Data Protection Experts Network:
“The supply chain attacks complied by ENISA highlight impeccable coordination between cybercriminals amid comparatively simple hacking techniques. Most of the attacks, even those involving exploitation of 0day vulnerabilities, could have been prevented by defense-in-depth and zero-trust models. Worse, many of the large-scale intrusions exploited lack of attack surface visibility, vulnerable software with security flaws publicly disclosed many months or even a few years ago, or primitive password reuse attacks successful due to missing 2FA and other pretty simple security mechanisms designed to stop human-focused attacks. Thriving phishing attacks dominate the modern threat landscape, being evidence that the human factor remains the cornerstone of corporate cyber resilience.
“There is a clear trend to exploit misconfigured CI/CD pipelines and vulnerable cloud deployments. Amid the pandemic, countless organizations rapidly moved their IT infrastructure to a cloud, while trying to save money on training and cloud-specific security hardening. Combined with legacy IT infrastructure, third-party managed servers and software, the digitalization in 2021 made organizations a low hanging fruit for cybercriminals.
“Finally, cyber-gangs are much better organized compared to the cybersecurity industry. They meticulously plan and coordinate their attacks, leverage division of labor and eventually attain impressive efficiency. Contrasted to cybersecurity teams, bad guys are never on holidays or sick leave, and will even purposely conduct swift raids while the victim organizations are the most unprepared.”
The post Strong security protection not enough against supply chain attacks appeared first on Logistics Business® Magazine.
Packers and movers in peenya Packers and movers in peenya Packers and movers near me Packers and movers near me Packers And Movers Banashankari Bangalore a Packers And Movers Banashankari Bangalore a Packers And Movers Jayanagar Packers And Movers Jayanagar Packers and movers Yelahanka Packers and movers Yelahanka Packers And Movers Btm Layout Packers And Movers Btm Layout Packers And Movers Koramangala Packers And Movers Koramangala Packers And Movers Hsr Layout Packers And Movers Hsr Layout Packers And Movers Bommanahalli Packers And Movers Bommanahalli Packers And Movers Begur Road Packers And Movers Begur Road Local Packers And Movers Bangalore Local Packers And Movers Bangalore Packers And Movers Ramamurthy Nagar Packers And Movers Ramamurthy Nagar Packers and movers Bangalore Packers and movers Bangalore
