Digital-supply-chain challenge to cities and counties: Another cyber minefield to navigate
As cities and counties have steadily turned to managed service providers for improvements and security for their networks, a new type of cyberthreat has emerged to greatly undermine trust. The irony here is that many turned to managed service providers who promised greater cybersecurity and hardened system protections. Perhaps managed services sounded too good to be completely true, as cities and counties looked to their providers for more secure solutions in better managing and protecting their networks from cyber intrusions. A rash of incidents in mid-2021 helped to undercut all such blanket assurances and promises. Supply-chain hacks are not new, but, like all cybercrime, they have become more pernicious.
The Colonial Pipeline hack is a prime example of a “traditional” supply-chain hack, in which a ransomware attack caused one of the largest oil-supply pipelines to cease operation for less than a week, leading to gas outages, shortages and higher prices. Most thought of supply-chain issues as something completely focused on getting parts and materials to suppliers in the most expeditious manner possible. In addition, the pandemic highlighted supply-chain issues regarding shortages in furniture availability, due to shortages of lumber and foam. Cars, trucks, boats and even appliances had to cut their production lines because of shortages in essential computer chips.
Physical or traditional supply-chain issues can certainly be disruptive, but so can digital-supply-chain issues. As reported, what are now being referred to as digital-supply-chain attacks have proven to be particularly worrisome. When a customer of a cyber services company or managed service provider downloaded an update, it was once reasonable to assume the update had been fully vetted.
Until recently, few saw how supply hacks could occur in the cybersecurity environment; then the cyberthreat landscape presented no fewer than three digital-supply-chain hacks. Threat actors had successfully compromised the technology supply chains and were able to gain access to their targets’ customer bases, providing them unprecedented access to thousands of unsuspecting customers. This led to large-scale attacks on governments and enterprises, impacting small and large businesses, local governments and hospitals. The SolarWinds, CodeCov and Kaseya attacks are prime examples. Threat actors were able to gain entrance to these companies’ ecosystems through unknown vulnerabilities and backdoor supplier support chains.
SolarWinds is a major cybersecurity company that provides system management tools for network and infrastructure monitoring, offering technical services to hundreds of organizations around the world through its Orion software product. More than 30,000 public and private organizations—including local, state and federal agencies—use the Orion network management system to manage their IT resources. Threat actors were able to infiltrate at least nine U.S. agencies and about 100 companies, plus hundreds of electric utilities in North America. The hack compromised the data, networks and systems of thousands, as SolarWinds inadvertently delivered malware as a “routine” update to the Orion software.
To read the complete article, visit American City & County.