SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Cybersecurity
#
Inventory management systems
#
Malware
Aussie businesses' supply chains compromised by ransomware
Thu, 8th Sep 2022
FYI, this story is more than a year old
Author image
By Shannon Williams, Journalist
Follow us

Cybersecurity firm Trend Micro has announced new research that reveals Australian organisations are increasingly at risk of ransomware compromise via their extensive supply chains.

According to Trend Micro, over the past two years, cyber has come to dominate boardroom risk calculations, with ransomware unquestionably the pre-eminent concern of IT and business leaders.

One analysis reveals a 105% surge in ransomware last year, with hundreds of millions of attacks detected. That’s due in no small part to a surge in threats during the pandemic, which capitalised on digital investments and home working.

"The corporate attack surface is also increasingly distributed – across an extensive supply chain that spans cloud and software providers, professional services firms and other connected entities," Trend Micro says. 

"Each one of these may have privileged network access or store sensitive information belonging to client organisations. Each one therefore represents a potential security risk which must be addressed. Yet too often supply chains are nebulous and ill-defined, with controls applied in a reactive and haphazard manner, if at all. This must change."

Trend Micro commissioned Sapio Research in May and June 2022 to poll 106 IT decision makers across Australia. The research revealed that some 68% of Australian IT leaders believe their partners and customers are making their own organisation a more attractive ransomware target. 

The challenge is particularly acute considering that potentially less well-secured small and medium businesses make up a significant portion of the supply chain for more than half (53%) of these organisations. 

A year ago, a sophisticated attack on a provider of IT management software led to the compromise of scores of managed service providers and thousands of downstream customers. Yet, according to the research, only 45% of Australian organisations share knowledge about ransomware attacks with their suppliers. Additionally, 25% said they do not share potentially useful threat information with partners.

Trend Micro says this could be because organisations do not have information to share in the first place. Detection rates were worryingly low for ransomware activities including:

  • Ransomware malware (69%)
  • Legitimate tooling e.g., PSexec, Cobalt Strike (60%)
  • Data exfiltration (55%)
  • Initial access (53%)
  • Lateral movement (33%)

"We found that 48% of Australian organisations have had a supply chain organisation hit by ransomware, potentially putting their own systems at risk of compromise," says Mick McCluney, Technical Director at Trend Micro Australia and New Zealand. 

"But many are not taking steps to improve partner cybersecurity. The first step towards mitigating these risks must be enhanced visibility into and control over the expanding digital attack surface," he says.

McCluney says the supply chain can also be exploited by attackers to gain leverage over their targets. Among organisations that had experienced a ransomware attack in the past three years, 72% said their attackers contacted customers and/or partners about the breach to force payment, the report shows.

Related stories
Wavelink partners with Orca Security to enhance cloud security
Aqua Security celebrates consecutive year of channel growth
Fortinet upscales OT & CI cybersecurity in Asia-Pacific
ArchTIS secures software contract with Australian security agency
Five top concerns in private cloud visibility
Top stories
'Junk gun' ransomware: New low-cost cyber threat targets SMBs
Legit Security announces strategic partnership with GuidePoint Security
Waave launches biometrically secured Waave Wallet in Australia
Healthcare sector's cybersecurity confidence misplaced, warns Kroll report
Gartner survey reveals challenges in zero-trust strategy implementation