Supply Chain Cyberthreats Balloon in 2018

Particularly in the electronics supply chain, intellectual property and product designs are the lifeblood of the organization—and a potentially lucrative draw for cybercriminals.  Looking for “quick bucks with minimal effort,” has put the supply chain in the crosshairs of cyber miscreants, according latest Symantec Internet Security Threat Report.

“Cybercriminals are testing and finding successful new attack strategies and then rolling them out across industries. They are escalating their efforts and maximizing their results with fewer attacks,” Matan Or-El, Co-founder and CEO of Panorays, a party of automated third-party security management solutions, told EBN.  

In fact, supply chain attacks rose by 78% in 2018, compared to the previous year, Symantec found. One common attack has been dubbed living-off-the-land (LotL) attacks.  LotL techniques allow attackers to hide inside legitimate processes. “For example, the use of malicious PowerShell scripts increased by 1,000% last year,” Symantec said.

Symantec blocks 115,000 malicious PowerShell scripts each month, the company said, which accounts for less than one percent of overall PowerShell usage. Unfortunately, blocking these types of threats would lead to disrupting regular business activities. Often, IT organizations need to work toward and invest in more sophisticated types of protection.   

“These attacks have put pressure on the entire supply chain, especially on smaller companies that may not have the IT expertise to defend themselves,” said Or-El. “To stay on top of these dynamic cyberattacks, companies must automate continuous monitoring of the supply chain to spot holes in security before cybercriminals leverage them.”

The report analyzed data from Symantec’s Global Intelligence Network, which records events from 123 million attack sensors worldwide, blocks 142 million threats daily, and monitors threat activities in more than 157 countries, the report said.

Other highlights of the report point to more general trends that impact businesses of all types, including electronics OEMs:

  • Form jacking attacks abound. Cybercriminals use fake forms to skim credit card information off of legitimate online retail sites. Symantec estimates that 10 stolen credit cards per compromised website can yield attackers up to $2.2 million per month, since single credit card numbers can demand a price tag of up $45 in underground selling forums.  
  • Ransomeware on the run, but not gone. For the first time since 2013, ransomware attempts are down 20% percent. Unfortunately, for enterprises, attempts actually rose 12%.
  • Cryptojacking yields mixed results. Cryptocurrences have dropped precipitously, going down 90% overall in value. That led to cryptojacking attempts to fall as well—falling 52% in 2018. At the same time, a low barrier of entry and low overhead costs will continue to attract criminal attention even as they garner less results.

Take a look at the infographic below from Symantec for more of the survey results.

— Hailey Lynne McKeefry, Editor in Chief, EBN Circle me on Google+ Follow me on Twitter Visit my LinkedIn page Friend me on Facebook

3 comments on “Supply Chain Cyberthreats Balloon in 2018

  1. peter321
    February 22, 2019

      Mozilla Firefox is one of the most widely used web browsers of the world. Millions of people use it to access their favorite websites on the web because of its speed and reliability.   However, if you are facing any problems in using your Firefox, help is just a phone call away. Just dial 1-877-916-7666 to get in touch with Mozilla Firefox technical support. We are there to make sure that you able to browse the net in a smooth and uninterrupted manner with your loved Firefox. It is a toll free number so feel free to contact us any time of the day on all 7 days of the week. 

  2. Sfinx
    March 20, 2019

    Excellent presentation, useful information that allowed me to get apex legends free coins rethink some things. I recommend reading to all!

  3. Sfinx
    June 17, 2019

    Cybercriminals use fake forms to skim credit card information off of legitimate online retail sites to buy followers instagram and more things to create a good social profile

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.