Vol. 1 · Ed. 2026
CyberGlossary
Entry № 1239

Supply Chain Attack

Reviewed by: Cybersecurity entrepreneur & security researcher

What is Supply Chain Attack?

Supply Chain Attack: An attack that compromises a trusted third-party software, hardware, or service provider in order to reach its downstream customers.

A supply chain attack targets the development, build, or distribution pipeline of a vendor so that malicious code, components, or updates are delivered as legitimate products to many victims at once. Notable techniques include compromising source-code repositories, injecting backdoors into build systems, poisoning open-source dependencies, abusing managed-service-provider access, and tampering with hardware during manufacture. Because the malicious artefact is signed and trusted, traditional perimeter defences rarely detect it. Mitigations rely on a software bill of materials (SBOM), signed and reproducible builds, dependency pinning, vendor risk management, zero-trust principles, network segmentation, and continuous monitoring for anomalous post-update behaviour.

Examples

  1. Attackers inject a backdoor into a software vendor's signed update, infecting thousands of customers through routine patching.

  2. A malicious package is published to a public package registry with a name similar to a popular library.
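As an added example (not part of this glossary entry), a small Python check that enforces two of the mitigations named in the definition and guards against the second example above: every dependency in a lockfile must be pinned to an exact version and SHA-256 hash, downloaded artefacts are verified against those hashes before installation, and a requested package name that closely resembles a known library is flagged as a possible typosquat. The lockfile format, package names and artefact bytes are constructed for illustration and are not any real tool's format.

```python
import hashlib
import re
from difflib import SequenceMatcher

# Constructed artefacts standing in for downloaded package files.
GOOD = {
    "requests-2.31.0.tar.gz": b"requests source (constructed)",
    "pyyaml-6.0.1.tar.gz": b"pyyaml source (constructed)",
}


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed lockfile in a hypothetical "name==version sha256=<hex>" format.
# The last line uses a floating range, which is exactly what pinning forbids.
LOCKFILE = "\n".join([
    f"requests==2.31.0 sha256={sha256(GOOD['requests-2.31.0.tar.gz'])}",
    f"pyyaml==6.0.1 sha256={sha256(GOOD['pyyaml-6.0.1.tar.gz'])}",
    "colorama>=0.4",
])

PIN_LINE = re.compile(r"^([A-Za-z0-9_.-]+)==([0-9][\w.]*)\s+sha256=([0-9a-f]{64})$")


def parse_lockfile(text: str):
    """Return (pins, errors); any line without exact version + hash is an error."""
    pins, errors = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = PIN_LINE.match(line)
        if not m:
            errors.append(f"unpinned or malformed: {line}")
            continue
        name, version, digest = m.groups()
        pins[name.lower()] = (version, digest)
    return pins, errors


def verify_artifacts(pins: dict, artifacts: dict) -> list:
    """Recompute each artefact's SHA-256 and compare it with the pinned digest."""
    findings = []
    for name, (version, digest) in pins.items():
        fname = f"{name}-{version}.tar.gz"
        data = artifacts.get(fname)
        if data is None:
            findings.append(f"{name}: artefact {fname} missing")
        elif sha256(data) != digest:
            findings.append(f"{name}: hash mismatch for {fname}")
    return findings


def looks_like_typosquat(name: str, known: set, threshold: float = 0.85):
    """Return the known package a near-identical (but not equal) name resembles."""
    for candidate in sorted(known):
        if name != candidate and SequenceMatcher(None, name, candidate).ratio() >= threshold:
            return candidate
    return None
```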

Frequently asked questions

What is Supply Chain Attack?

An attack that compromises a trusted third-party software, hardware, or service provider in order to reach its downstream customers. It belongs to the Attacks & Threats category of cybersecurity.

What does Supply Chain Attack mean?

An attack that compromises a trusted third-party software, hardware, or service provider in order to reach its downstream customers.

How do you defend against Supply Chain Attack?

Defences for Supply Chain Attack typically combine technical controls (a software bill of materials, signed and reproducible builds, dependency pinning, network segmentation) with operational practices (vendor risk management, zero-trust principles, continuous monitoring for anomalous post-update behaviour), as detailed in the full definition above.

What are other names for Supply Chain Attack?

Common alternative names include: Third-party attack, Vendor compromise.
