Type of attack where security flaws or vulnerabilities are introduced into equipment, hardware, software, or services before they are supplied to, or used by, a target.

Supply chain attacks can be used for a number of purposes, including breaching confidential data, stealing login credentials for further attacks, or even supplying defective equipment to prevent a service from being useable (a denial of service).

One example saw attackers compromise legitimate websites through website builders used by creative and digital agencies. The criminals utilised a redirect script to send people to a malicious domain they owned, where malware was downloaded and installed by users who were browsing legitimate websites.

Ongoing servicing, support, or updates may provide criminals with an opportunity to interfere with a supply chain.

By using this website you agree to our use of cookies to enhance your experience. I understand