Supply Chain Attacks: How To Reduce Open-Source Vulnerabilities

When you read that software supply chain attacks increased 42% in the first quarter of 2021 over Q4 2020, you might think the cybersecurity problem was related to the traditional supply chain. Many people think of a supply chain as boxes of products on trucks and ships. But software companies no longer ship physical CDs of their latest products as they did decades ago. Instead, their supply chain is now the internet and the cloud, which is where they send out their products. Today, the cloud is the ‘truck’ that delivers new applications and updates to companies.


That means threat actors can find openings in those systems and methods. Often, the attack begins when an administrator downloads a new app or updates an existing app. From there, malware embeds itself into the application. Sometimes the employee doesn’t even realize the mistake — or if they do, it’s already too late.


Almost every organization uses multiple applications to run their business. So, software supply chain attacks have the potential to be widespread and very damaging. Take a look at what’s causing the increase in these types of attacks and what the enterprise can do to protect against them.


Open-Source Problems and Supply Chain Cybersecurity


One of the biggest issues is that many organizations rely on open-source supply chain apps. Attacks on open-source code increased 430% between 2019 and 2020. Not all of these attacks are related to the supply chain. However, many of the systems that software companies use to distribute their products are open source. This means the numbers of sup ..