Mike Sentonas, CTO at CrowdStrike, comments, “Frankly put, supply chains are vulnerable, and adversaries are actively researching ways to take advantage of this. We haven’t nearly seen the end of these attacks, and the implications for each one are significant for both the victims and the victims’ customers and partners up and down the chain.”

Supply chains are attractive targets for both cybercriminal gangs and nation-state actors. For the former, they provide the potential for large-scale extortion attacks (see Cyber Insights 2022: Ransomware), while for the latter they can provide extensive access to espionage-linked targets (see Cyber Insights 2022: Nation-States). Both were illustrated in 2021.