Supply chain cyber attacks have become the most common cyber threat to businesses over the past year. According to the new Kaspersky study “Supply chain reaction: securing the global digital ecosystem in an age of interdependence”, almost one in three companies (31%) has suffered a real attack this year, with risk exposure being much higher than the global average in countries such as Mexico (43%), China (40%) and Spain (40%).

According to recent data from the World Economic Forum, nearly two-thirds (65%) of large companies point to third-party and supply chain vulnerabilities as their main obstacle to achieving cyber resilience in today’s interconnected digital environment.

Evolution of the main threats

In order to assess organizations’ exposure to supply chain risks, Kaspersky’s internal market research center commissioned a global study that analyzes the evolution of these threats and the extent to which companies around the world are exposed to them within their supply chain.

According to this report, 31% of large organizations suffered a cyber attack linked to the supply chain in the last 12 months, a figure higher than that recorded for any other type of cyber threat. This data highlights the growing relevance of supply chain security as a strategic priority.

This risk especially affects the most interconnected companies. In the analysis by size, large companies register the highest rate of incidents in the supply chain, reaching 36%.

Notably, this group of large organizations also manages a higher average number of hardware and software suppliers within their supply chain, with around 100 suppliers on average, significantly expanding the potential cyber attack surface in the supply chain.

In addition, organizations acknowledge granting access to their systems to numerous contractors: while small and medium-sized companies have about 50 on average, in large companies the number exceeds 130. This situation increases the complexity of supply chain management and facilitates another risk derived from digital interdependence: attacks based on trust relationships, in which cybercriminals exploit legitimate connections within the supply chain.

Over the last year, cyberattacks based on trust relationships—many of them originating in the supply chain—were among the five most common cyberthreats, affecting 25% of companies globally. These types of incidents were especially frequent in Türkiye (35%), Singapore (33%) and Mexico (31%).

Although cyberattacks on the supply chain and those based on trust relationships are among the most common threats, the survey reveals that many managers tend to underestimate them. When ranking risks by how dangerous they are, organizations prioritize complex attacks such as advanced persistent threats (APT), ransomware or insider threats, and relegate the risks associated with the supply chain despite their high frequency.

Only 9% of companies globally rank supply chain cyberattacks as their top concern, a surprisingly low level of attention considering the frequency with which these incidents affect the supply chain and compromise operations. Similarly, only 8% mention attacks based on trust relationships.

Gap between risk perception and management

Likewise, most experts recognize that a breach in the supply chain or trusted relationships can seriously disrupt operations. More than half of those surveyed identify this impact as the main consequence of this type of incident in the supply chain. However, these threats still do not occupy a priority place in many organizations, which shows a gap between the theoretical perception of risk and practical supply chain management.

At the same time, supply chain cyber attacks are most frequently ranked among the three most dangerous cyber threats in countries such as Singapore (38%), Brazil (36%), Colombia (36%) and Mexico (35%).

“We operate in a digital ecosystem where every connection, every provider and every integration becomes part of our security profile and our supply chain. As organizations become more interdependent, so does their exposure to supply chain risks.

In this context, protecting the modern enterprise requires a comprehensive approach that strengthens not only individual systems, but also the entire network of relationships that make up the supply chain and allow the business to function,” says Sergey Soldatov, head of the Security Operations Center at Kaspersky.

Only by implementing preventive measures throughout the organization and strategic management of relationships with suppliers and contractors will it be possible to reduce risks in the supply chain and ensure business resilience.

To mitigate these risks in the supply chain, Kaspersky recommends the following:

  • Thoroughly evaluate suppliers before formalizing agreements within the supply chain, reviewing their cybersecurity policies, incident history, and compliance with industry standards. In the case of software and cloud services, it is also advisable to analyze vulnerability data and penetration tests.
  • Establish contractual security requirements, conduct periodic audits, and ensure compliance with incident reporting policies and protocols throughout the supply chain.
  • Adopt preventative technological measures, such as the principle of least privilege, the Zero Trust approach and robust identity management, in order to reduce the impact if any element of the supply chain is compromised.
  • Depending on the availability of specialized personnel, guarantee continuous monitoring through solutions such as XDR or MXDR, included in the Kaspersky Next line, which provide real-time monitoring of the infrastructure and detect anomalies in software and network traffic within the supply chain.
  • Develop an incident response plan that specifically addresses supply chain attacks and includes measures to quickly identify and contain breaches, such as disconnecting the affected supplier from corporate systems.
  • Promote collaboration with suppliers on security, strengthening joint protection and making supply chain security a shared priority.