Cyber Security and Third Party Connections
How Third Party Vendors Can Compromise Your Security
The impact of a compromised IT infrastructure extends far beyond an organization’s internal mechanisms and functions. Data breaches and security incidents increasingly put not just individual companies but also entire supply chains at risk. Everyone in the supply chain is vulnerable, from original equipment manufacturers (OEMs) and contract manufacturers to distributors and resellers. For this reason, supply chain managers need to understand how cyber security problems and vulnerabilities from their suppliers could affect them, and take steps to mitigate those risks.
Third Party Connections
Because there are so many different kinds of third parties, identifying whether they do or don’t have the right infrastructure or security protocols can be a challenge. As so many organizations rely on a variety of different providers, third parties can become the gateways to the network.
According to recent research conducted by the Ponemon Institute, attackers are increasingly targeting less secure partners to compromise remote access points, steal and exploit privileged credentials, and gain access to targeted networks.
- 63% of data breaches are caused by security vulnerabilities introduced by third parties
- 58% of organizations have no confidence that their third-party vendors are securing and monitoring privileged access to their network
The security breaches at Target and Home Depot occurred because criminals got hold of and compromised a third-party vendor’s credentials, which typically include logins, passwords, badges, and security access. So who and what are these third party vendors and vulnerabilities?
- Retail and Supply Chain
In the case of Home Depot, once the hackers got the basic credentials, they then acquired elevated rights that allowed them to navigate portions of Home Depot’s network and deploy malicious software, or “malware,” on its self-checkout systems in the United States and Canada.
- HVAC Vendors
As for Target, according to a U.S. Senate report, the retailer gave network access to one of its third-party vendors, a heating, ventilation, and air conditioning (HVAC) company. The vendor apparently did not follow widely accepted information-security practices, and its weak security allowed the attackers to gain entrance to Target’s network.
- Distribution and Logistics
Cybersecurity is a growing concern in distribution and logistics operations. For example, an RF gun, voice recognition, scanning, tracking and tracing on and off a truck, GPS, mobile phones, temperature monitoring, and other sensors embedded throughout a distribution center and as part of the freight are certainly not new—but all provide IoT-style sensor data that can be easily hacked.
The end of 2014 brought the sophisticated attack known as Dark Hotel into the news. These attacks use hotel Wi-Fi networks to hack the devices of guests who are high-value targets, such as business executives, in order to steal a company’s sensitive information. When a targeted hotel guest uses the hotel Wi-Fi, he is tricked into downloading malicious software that appears as a legitimate software update.
- Software Developers
How do companies approach third-party application security? With more and more services and products relying on third parties to facilitate software development, that’s an important question. Third-party code can have a significant impact on cybersecurity, introducing risks at the same time as it speeds up business processes.
- Internal Contractors
Contractors and vendors who have privileged access to company systems pose a considerable security risk. One of the most common tactics used by cyber criminals is to find privileged users in an organization, gain access to their accounts, and then use their credentials to move freely throughout the system. This enables the criminals to avoid firewalls and other security controls as they map out the network and gain intelligence.