Femme StaffBy Chester Wisniewski, Director Field CTO Sophos.
With the rise of digital transformation in recent years, businesses have become increasingly reliant on multiple partners and suppliers. This shift has led to more complex IT infrastructures and significantly expanded the attack surface that cybercriminals can exploit. Attackers now tend to target the weakest links in the supply chain to gain access to corporate systems.
For example, in November 2024, U.S. software provider Blue Yonder fell victim to a ransomware attack that impacted the operations of 3,000 companies across 76 countries. This raises a critical question: how can we protect the entire supply chain from increasingly frequent and sophisticated cyber threats?
Open Source and AI Multiply the Risks
Due to the interconnected nature of enterprise, supplier, and partner systems, attackers increasingly target these third parties to propagate their attacks laterally and compromise corporate data and systems. SMEs and subcontractors are particularly vulnerable due to their limited cybersecurity resources.
To many, open-source software components represent an attack surface, as the code being publicly available enables attackers to study it for flaws and potentially exploit many software applications at the same time be finding critical bugs. For well-managed software, it also provides an advantage. Popular open-source libraries are being continuously scrutinized and improved by hundreds of contributors leading to quicker discovery of problems and faster updates.
Moreover, with the rise of social engineering, cybercriminals are increasingly targeting employees with strategic access or high privilege levels within IT infrastructures. This allows them to use human manipulation tactics to bypass technical defenses. The rapid development of AI has further refined these techniques, enabling ultra-targeted phishing campaigns, deepfakes, and convincing mobile attacks. Finally, the rise of remote work and the use of personal devices—such as mobile phones—for professional purposes have expanded the attack surface available to cybercriminals.
Defense Strategies Relying on Zero Trust and MFA
To mitigate these risks, businesses must implement comprehensive protection strategies by adopting the right approaches, tools, and partners to combat potential attacks. The Zero Trust approach is a cornerstone of a strong cybersecurity strategy. It is based on the principle of “never trust, always verify.”
This involves implementing strong authentication methods [MFA], combined with strict controls and segmented access governance. It is essential to ensure that only the right individuals have the appropriate privilege levels and to regularly review—and adjust—access, particularly for external suppliers or partners.
Regulations Aim to Curb Supply Chain Attacks
It is equally important to ensure that all ecosystem members have adequate security protections in place, both for cybersecurity reasons and regulatory compliance. For example, since the DORA regulation came into effect in January 2025, financial service providers must ensure that all their suppliers and partners comply with established security standards. Failure to do so could result in hefty fines or even legal action. This is why regular audits of partners’ security postures are essential, along with ensuring they are properly trained and aware of cyber threats.
Cybercriminals are increasingly targeting the supply chain to infiltrate secure systems by exploiting smaller, less-equipped suppliers and partners. To ensure business continuity and protect increasingly complex and interconnected IT infrastructures, companies must develop and implement effective cybersecurity strategies and best practices. This involves collaboration not only with third parties but also with cybersecurity experts who can provide tailored solutions, guidance, and support to establish the technical frameworks needed to protect their entire ecosystem while ensuring regulatory compliance.
Follow us on Twitter and Facebook for real-time updates.
