HomeBlog › Threats

Supply Chain Attacks: How a Vulnerable Supplier Can Bring Down Your Business

Analysis of Supply Chain Attacks (SolarWinds, MOVEit, 3CX). How to Assess and Manage Third-Party Risk.

Ataques cadena suministro

Attackers no longer need to target your company directly. It is easier to compromise a software or service provider that already has access to your infrastructure. Supply chain attacks have become one of the most devastating and difficult-to-detect threats.

Recent Notable Cases

SolarWinds (2020)

Russian hackers compromised SolarWinds' Orion monitoring software by inserting a backdoor into legitimate updates. More than 18,000 organizations—including U.S. government agencies, Microsoft, and FireEye—installed the compromised version. The attack went undetected for 14 months.

MOVEit (2023)

A zero-day vulnerability in the MOVEit file transfer software affected more than 2,600 organizations and 77 million people. The CL0P group exploited it on a massive scale before a patch was available, extorting victims by threatening to publish their stolen data.

3CX (2023)

The 3CX communications software—used by 600,000 companies and 12 million users—was compromised in a two-step attack: the attackers first compromised a 3CX vendor (Trading Technologies), and from there injected malware into the 3CX installer.

XZ Utils (2024)

A malicious actor gained the trust of the maintainers of the open-source xz-utils project over a period of two years before inserting a backdoor into the compression library used by virtually all Linux servers. It was discovered by chance.

Why are they so effective?

How to Manage Third-Party Risk

BorneoCR monitors third-party software activity in their customers' infrastructure as part of AI-powered MDR. Our detection rules include indicators of compromise from the most recent supply chain attacks, and our AI identifies anomalous behavior in software that is expected to function predictably.
Share:
chat_bubble Talk to an expert