What happens inside an organization during a supply chain attack?
What is a supply chain attack? A supply chain attack is when an attacker targets a third-party software vendor or supplier to gain access to an organization's network and sensitive data. These attacks can be particularly damaging as they can bypass traditional security measures and go undetected for long periods of time. An example is the SolarWinds incident where the vendor SolarWinds fell victim to a Russia-based threat actor APT29 aka Nobelium in December 2020. https://www.csoonline.com/article/3613571/the-solarwinds-hack-timeline-who-knew-what-and-when.html Scenario: The security team from a prominent semiconductor manufacturer Biochip (a fictional organization) recently learned about a security incident at a software maker Sentry (a fictional organization) . Biochip’s security team is concerned because they’re using Sentry’s products across their organization. They have not yet received technical details of the incident at Sentry and but there’s a confirmation that the at