When planning a data breach, attackers are eyeing a new point of entry: the software supply chain.
Two-thirds of surveyed organizations experienced a software supply chain attack in the past 12 months, according to "Securing the Supply Chain," a study from CrowdStrike.
Nearly 80% of IT security professionals across the United States, Canada, the U.K., Mexico, Australia, Germany, Japan, and Singapore believe software supply chain attacks have the potential to become one of the biggest cyber threats over the next three years. Yet few organizations are prepared to mitigate the risks, the study reported.
The vast majority (87%) of those that suffered a software supply chain attack had either a full strategy in place or some level of response pre-planned at the time of their attack.
One issue is that 71% of IT professionals believe their organization does not always hold external suppliers to the same security standards, and only 37% of respondents in the U.S., U.K., and Singapore said their organization had vetted all suppliers, new or existing, in the past 12 months. Only a quarter believe with certainty that their organization will increase its supply chain resilience in the future.
Most respondents (90%) confirmed they incurred a financial cost as a result of a software supply chain attack. The average cost of an attack was over $1.1 million, according to the study.
Following last year's NotPetya attack (malware that encrypted Microsoft Windows-based systems and spread initially through a compromised software update) and the newly enforced General Data Protection Regulation (GDPR), which governs the collection and processing of personal data of individuals within the European Union (EU), organizations are more concerned about vetting their suppliers and partners. In fact, 58% of senior IT decision-makers whose organization has vetted software suppliers in the past 12 months stated that they will be more rigorous when evaluating their partners. Nearly 90% agree that security is a critical factor when making purchasing decisions about new suppliers.
Although almost 90% of the respondents believe they are at risk of a supply chain attack, companies are still slow to detect, remediate and respond to threats. On average, respondents from nearly all of the countries surveyed take close to 63 hours to detect and remediate a software supply chain attack. By contrast, leading organizations aim to eject an adversary within the "breakout time," the window between initial compromise and the intruder's first lateral movement, which prior CrowdStrike research measured at under two hours on average.
However, the study indicates that organizations are looking to adopt leading approaches to breach protection such as behavioral analytics, endpoint detection and response, and threat intelligence. Three quarters of respondents already use or are evaluating these technologies.
“Fast-moving, advanced threats like supply chain attacks require organizations to adopt new best practices in proactive security and incident response,” said Shawn Henry, president of CrowdStrike Services and chief security officer. “The new attack methods we see today call for coordinated, efficient and agile defenses.”
Specifically, this includes a combination of endpoint protection technology, expert services, and intelligence to uncover critical investigation information faster, accelerate incident response, and enable companies to get back to business as quickly as possible, the study added.