- Cybercriminals are increasingly using vulnerable companies to target their partners and peers
- The number of third-party incidents has doubled year over year, a new Verizon report shows
- The attacks are used to gain access to target organizations
New research says third-party involvement in data breaches has doubled and is now observed in 30% of all cyber attacks.
The Verizon Business 2025 Data Breach Investigations Report, which is based on more than 22,000 security incidents and 12,195 confirmed data breaches, found supply chains and partner ecosystems increasingly abused in cyber attacks.
Cybercriminals use third parties to gain initial access, the report also explained, as 81% of third-party breaches involved the compromise of the victim's systems.
Targeting open source repositories
The results may not be too surprising, as some of the largest cyber attacks ever recorded came as a result of a third-party compromise.
The SolarWinds hack of December 2020 was one of the most significant cyber-espionage attacks in history. The threat actors compromised updates to SolarWinds' Orion software, inserting malicious code (later named “Sunburst”) that was unknowingly distributed to around 18,000 customers.
This allowed the attackers to deploy backdoors in the networks of the businesses that installed the tainted update.
The breach reportedly went undetected for months, compromising US government agencies (the Treasury, State and Homeland Security departments), large technology companies (Microsoft) and countless private businesses.
The attack was attributed to a Russian state-sponsored threat actor called APT29 (also known as Cozy Bear).
To carry out third-party cyber attacks, threat actors often target open source code repositories, such as GitHub. They will try to push malicious updates into code packages, or “typosquat” a piece of malicious software, in the hope that software developers will install the malicious code themselves.
It works, too: the news often reports malicious code discovered on GitHub, or people's accounts compromised and abused to distribute malware. Security researchers often warn that software developers should always check, and never trust, the code, regardless of its author.
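As an added illustration (not part of the original article or the Verizon report), the following sketch shows one way a team could screen a dependency list for typosquatted names before installing anything. The approved list and the sample manifest are constructed, and the distance threshold of 2 is an assumption to tune.

```python
import re

# Assumption: packages your organisation has already vetted (constructed sample list).
APPROVED = {"requests", "numpy", "python-dateutil", "cryptography", "urllib3"}

def normalize(name: str) -> str:
    """PEP 503 normalisation: lowercase, runs of '-', '_' and '.' collapse to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment distance; an adjacent swap counts as one edit."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def audit(dependencies, approved=APPROVED, max_distance=2):
    """Return {dependency: lookalike approved name} for names that are not
    approved but sit within max_distance edits of an approved one."""
    approved_norm = {normalize(n) for n in approved}
    findings = {}
    for dep in dependencies:
        name = normalize(dep)
        if name in approved_norm:
            continue  # exact match after normalisation: nothing to flag
        for good in sorted(approved_norm):
            # Compare with separators stripped too, to catch dropped hyphens.
            d = min(edit_distance(name, good),
                    edit_distance(name.replace("-", ""), good.replace("-", "")))
            if d <= max_distance:
                findings[dep] = good
                break
    return findings

# Constructed manifest: three lookalikes, one approved spelling variant, one unrelated.
SAMPLE = ["reqeusts", "Python_DateUtil", "pythondateutil", "flask", "numpyy"]

if __name__ == "__main__":
    for dep, good in audit(SAMPLE).items():
        print(f"{dep!r} is not approved but resembles {good!r}: review before installing")
```

A name that is flagged is only a prompt for manual review; unrelated packages such as `flask` pass through unflagged and still need their own vetting.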
Via Infosecurity Magazine