Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, and the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
Organisations are increasingly falling victim to attacks via their supply chain
Organisations are constantly being targeted in new ways. Instead of direct attacks, they are increasingly falling victim to attacks via their supply chain. This is worrying, as such events are harder to detect and prevent, especially when most incidents are kept secret.
Means to an end
The Financieel Dagblad (Dutch equivalent to the Financial Times) interviewed HSD partners Cybersprint, Deloitte and Secura on the growing risks of supply chain attacks. Together, they explain that hackers use these third parties as the first step of their attack, as it provides them with a way into many of the connected organisations. Next, they can either move on to their intended target, or use the intel to select individual organisations.
This was also the case with the SolarWinds incident last year, and with other software suppliers such as CCleaner in 2017. Hackers can then send malicious ‘software updates’ to their clients, and install ransomware to gain access and encrypt valuable data.
Cases kept confidential
Unfortunately, many of the past supply chain attacks are never shared with the public. A reason could be that the targeted supplier and organisation are unaware of the origin of the attack. Another explanation is that the information is kept secret on purpose. “There is a lot of activity,” Eward Driehuis from Cybersprint says. “However, there aren’t any exact figures as attacks often remain unreported and the people involved sign non-disclosure agreements.”
Following the article, Eward expanded on the topic on BNR news radio. Here, he elaborated on the reasons why these cases are kept confidential, and why it’s hard to determine the motives and identity of the attackers. Is it for financial gain? Or corporate espionage by nation state actors? Listen to his explanation here (in Dutch).
Frank Groenewegen from Deloitte and Matthijs Koot from Secura both call for better information sharing between third parties, intelligence services, governments and the different organisations they are connected to. That would provide better insights into these kinds of attacks, helping to prepare for future incidents. Adam Meyers from the American cybersecurity company CrowdStrike and Steven Dondorp, CEO of Northwave, both state that digital espionage poses a threat to the Dutch economy.