Half of Firms Report Supply Chain Ransomware Compromise


Over half (52%) of global organizations know a partner that has been compromised by ransomware, yet few are doing anything to improve the security of their supply chain, according to Trend Micro.

The security vendor polled nearly 3000 IT decision makers across 26 countries to produce its latest report, Everything is connected: Uncovering the ransomware threat from global supply chains.

It revealed that that 90% of global IT leaders believe their partners and customers are making their own organization a more attractive ransomware target. 

That might be down in part to the fact that SMBs comprise a significant chunk of the supply chain for 52% of respondents. The security of SMBs is generally thought to be less effective than protection in larger, better resourced companies.

However, despite their concerns, less than half (47%) of respondents said they share knowledge about ransomware attacks with their suppliers, while a quarter (25%) claimed they don’t share potentially useful threat information with partners.

This could be because they don’t have useful intelligence to share in the first place. Trend Micro found average detection rates for ransomware payloads at 63%. However, the figure fell considerably for threat activity such as:

  • Use of legitimate tooling like Cobalt Strike in attacks (53%)
  • Data exfiltration (49%)
  • Initial access (42%)
  • Lateral movement (31%)

“Many organizations aren’t taking steps to improve partner cybersecurity,” said Trend Micro technical director, Bharat Mistry. “The first step towards mitigating these risks must be enhanced visibility into and control over the expanding digital attack surface.”

The findings chime with an earlier Trend Micro study that revealed 43% of global organizations feel their digital attack surface is “spiralling out of control.”

Alongside best practice cyber-hygiene steps such as multi-factor authentication, regular patching, user education and least-privilege access, the vendor advocates the use of a single platform for attack surface management, and prevention, detection and response capabilities.

Products You May Like

Articles You May Like

Are you in control of your personal data? – Week in security with Tony Anscombe
PY#RATION: New Python-based RAT Uses WebSocket for C2 and Data Exfiltration
Black Basta Deploys PlugX Malware in USB Devices With New Technique
Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort
GoTo admits: Customer cloud backups stolen together with decryption key

Leave a Reply

Your email address will not be published. Required fields are marked *