Governance, legal, and risk

Supply Chain Attack

A supply chain attack, or third-party attack, is when cybercriminals attack a less secure supplier in group of organizations that work together in order to gain access to a larger target’s network. In cybersecurity supply chain attacks, criminals exploit weaknesses in third-party systems and use them to compromise other organizations in the supply chain. This means that even if an organization has strong cybersecurity measures in place, they can still be vulnerable if a third-party supplier or partner is compromised.