Nearly 60% of organizations have experienced an attempted supply chain attack in the past year, and e-mail vulnerabilities are a prime route to damage, according to data from Waltham, Mass.-based e-mail and cybersecurity firm GreatHorn.
The firm's Threat Intelligence Team released data showing that one of the most prominent techniques used in supply chain attacks is a form of man-in-the-middle (MitM) attack, in which an attacker compromises login credentials to leverage legitimate e-mail communication between parties in order to carry out their supply chain attack. Known as Vendor Email Compromise (VEC), the method allows attackers to log into a user’s e-mail so they can pose as that user and leverage trusted relationships in the user’s supply chain to take advantage of existing e-mail threads, or data, the company said.
“Given the quantity of workers remaining in a remote capacity, and the increase in phishing attacks that lead to malicious sites that compromise credentials, an organization’s supply chain has become a significant target for cybercriminals,” according to GreatHorn’s research on defending against vendor e-mail compromise. “With 3.7% of all e-mails containing potentially malicious links that bypass native e-mail security controls, and 41% of organizations stating that users click on malicious links daily, identifying links that attempt to harvest credentials is the first step for organizations in securing and protecting their users from account takeovers.”
To help prevent attacks, the research shows companies should augment or replace traditional e-mail security approaches with more sophisticated techniques; those include advanced computer vision programs that can analyze suspicious links and prevent employees from accessing password-stealing accounts, as well as biometric authentication programs that can recognize a user’s unique typing patterns such as keystroke speed, pressure, timing, and more.
“Attackers will continue to launch continuous attacks against supply chain partners, gaining access to supplier systems, including e-mail. Identifying spoofed vendors/individuals that can send malicious links and compromised partner accounts calls for advanced e-mail security techniques,” according to the company. “By augmenting or replacing traditional e-mail security approaches with more sophisticated capabilities, organizations can detect and mitigate the risk of supply chain attacks.”