CyCognito Blog

Research

SUNBURST exposes supply chain security risks

Raphael-Reich
By Raphael Reich
Was Vice President of Marketing at CyCognito
December 29, 2020

The recent cyber intrusion campaign that leveraged modified SolarWinds software – now widely termed SUNBURST – has dramatically raised awareness of supply chain-based compromises and how intertwined organizations now are.

A Flanking Maneuver

Supply chain attacks are rooted in the military concept of a “flanking maneuver” in which an offensive force attacks their opponent from the flank (i.e., side) rather than head-on where the bulk of defensive forces are focused. In the cyber world, attackers work the same, targeting those areas where you are least focused. Attackers go after the paths of least resistance, often starting in your business partners, IT suppliers, subsidiaries or other related organizations and leveraging any entity or digital asset that eventually gets them access to their ultimate target: your applications, data and networks.

Attackers understand that your IT ecosystem extends well beyond your own organization and that you don’t control the security of all of your supply chain participants. They also know that organizations don’t have an easy way to discover all of those IT assets and test them for potential attack vectors. The SUNBURST attacks demonstrate organizations can be blindsided by unseen security weaknesses and vulnerabilities they simply don’t know how to find, let alone resolve.

Research: Organizations Ignore Their Supply Chain 

Most organizations focus almost entirely on protecting their known applications and infrastructure and that’s what virtually every cybersecurity tool is designed to do. No matter how large or small an organization’s security budget, very little spending is devoted to discovering, monitoring and protecting what is unknown.

The SUNBURST attacks make it clear that supply chain security is one of those unknowns. Research conducted by ESG and CyCognito confirms that: less than half of those surveyed consider partners and affiliates as extensions of their attack surface, and nearly half of organizations do not include SaaS applications and public cloud workloads in their definition of attack surface. 




About the Author
Raphael-Reich

Raphael Reich

Was Vice President of Marketing at CyCognito

Raphael Reich, a former Vice President of Marketing at CyCognito, has helped bring innovative, category-defining security products to market for over two decades.

Topics


Search the Blog



Featured Posts

Emma Zaballos
A New Framework: Understanding Exposure Management 
By Emma Zaballos
November 11, 2024
Jason Pappalexis
Six Signs that Exposure Management is Right for Your Organization
By Jason Pappalexis
October 14, 2024
Jason Pappalexis
Think your attack surface is covered? Let’s look at the math.
By Jason Pappalexis
September 30, 2024
Emma Zaballos
Defensive Playbook: Understanding New Trends in External Risk with CyCognito’s State of External Exposure Management Report
By Emma Zaballos
September 23, 2024
Graham Rance
Web Application Security Testing: Struggles, Shortfalls and Solutions
By Graham Rance
June 3, 2024


Top Tags


Stay informed

Subscribe to the Blog

Subscribe now to get the latest insights delivered straight to your inbox.

CyCognito Research Report

State of External Exposure Management, Summer 2024 Edition

State of External Exposure Management, Summer 2024 Edition

Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024.
Request a Free Scan

See Exactly What Attackers See

Get a Free Scan of Your Attack Surface

Get a free scan of your attack surface and gain valuable insight into your organization's risk posture by allowing CyCognito to discover, contextualize, and test externally exposed assets on a portion of your parent company or a single subsidiary.

Request a Scan

Related Guides

Discover insights on application security, exposure management and other key topics below.

Learning Center Attack Surface
Understanding Attack Surface Management

The definitive guide to attack surface management. Learn everything you need to know to reduce your cyber security risk with attack surface management.

Learning Center Exposure Management
Exposure Management in Cybersecurity: Concepts and Technologies

Exposure management is a set of processes which allow organizations to assess the visibility, accessibility, and risk factors of their digital assets.

Learning Center Vulnerability Assessment
Vulnerability Assessment: Process, Challenges & Best Practices

Vulnerability assessment is the process of identifying, quantifying, and prioritizing vulnerabilities in a system.

Related Products

Explore CyCognito modules ASM, AST and EI in the resources below.

Platform > Products
Attack Surface Management

Scalable, continuous, and comprehensive testing for all external assets, all the time.

Platform > Products
Automated Security Testing

CyCognito Automated Security Testing dynamically applies payload-based testing techniques across your entire external attack surface.

Platform > Products
Exploit Intelligence

CyCognito Exploit Intelligence uses threat intelligence about attackers’ behavior and exploitability for enhanced prioritization.