Cyber attacks against suppliers
This threat assessment focuses on the cyber threat against the supply chain. It is relevant for all Danish private companies and government institutions.
Cyber attacks against suppliers that provide key services to Danish companies and authorities constitute a cyber threat, including against sectors that are critical to the functioning of the Danish society.
Cyber attack against the supply chain is an attack method where hackers target an organization with the purpose of using it as a single point of entry to compromise its clients. In this way, hackers can access information or systems belonging to their ultimate targets.
Many companies and government institutions in Denmark utilises suppliers of digital services through outsourcing. This is often in the form of cloud services, storage services, and IT service management.
Hackers have the capability and intention to attack the suppliers that provide these services to Danish customers. Several large international service providers have been targeted in attacks in recent years.
CFCS assess that this attack vector is used by both foreign states and cyber criminals.
-
Author
Centre for Cyber Security
-
Release Date
February 2, 2021