Supply chain attack
Cyberattack via an industry's supply chain / From Wikipedia, the free encyclopedia
Dear Wikiwand AI, let's keep it short by simply answering these key questions:
Can you list the top facts and stats about Supply chain attack?
Summarize this article for a 10 year old
A supply chain attack is a cyber-attack that seeks to damage an organization by targeting less secure elements in the supply chain.[1] A supply chain attack can occur in any industry, from the financial sector, oil industry, to a government sector.[2] A supply chain attack can happen in software or hardware.[3] Cybercriminals typically tamper with the manufacturing or distribution of a product by installing malware or hardware-based spying components.[4] Symantec's 2019 Internet Security Threat Report states that supply chain attacks increased by 78 percent in 2018. [5]
This article has an unclear citation style. (December 2020) |
A supply chain is a system of activities involved in handling, distributing, manufacturing, and processing goods in order to move resources from a vendor into the hands of the final consumer. A supply chain is a complex network of interconnected players governed by supply and demand.[6]
Although supply chain attack is a broad term without a universally agreed upon definition,[7][8] in reference to cyber-security, a supply chain attack involves physically tampering with electronics (computers, ATMs, power systems, factory data networks) in order to install undetectable malware for the purpose of bringing harm to a player further down the supply chain network.[2][4][9]
In a more general sense, a supply chain attack may not necessarily involve electronics. In 2010 when burglars gained access to the pharmaceutical giant Eli Lilly's supply warehouse, by drilling a hole in the roof and loading $80 million worth of prescription drugs into a truck, they could also have been said to carry out a supply chain attack.[10][11] However, this article will discuss cyber attacks on physical supply networks that rely on technology; hence, a supply chain attack is a method used by cyber-criminals.[12]