Software supply chain attacks jumped over 300% in 2021
Software supply chain attacks grew by more than 300% in 2021 compared to 2020, according to a study by Argon Security.
The researchers found that attackers focused most heavily on open source vulnerabilities and poisoning, code integrity issues, and exploiting the software supply chain process and supplier trust to distribute malware or backdoors.
Findings were based on a six-month analysis of customer security assessments conducted by Argon's researchers to determine the state of enterprise security and readiness to defend against software supply chain attacks.
"The number of attacks over the past year and the widespread impact of a single attack highlight the massive challenge that application security teams are facing," said Eran Orzel, Senior Director of Argon Customer Success and Sales.
It is not surprising that this is one of the fastest-growing methods of carrying out supply chain attacks.
"The software supply chain process is a core component of the modern application development lifecycle. Leaving this wide attack vector open threatens to severely lower companies' application security posture, potentially exposing sensitive data and creating additional entry points into the application in runtime," said Orzel.
News URL
https://www.helpnetsecurity.com/2022/01/20/software-supply-chain-attacks-2021/