High-profile cyber incidents, such as the cyber-attacks on SolarWinds and Microsoft Exchange Servers, have directed attention to the resilience of supply chains. These attacks demonstrated how vulnerabilities in third-party products and services can be exploited by cyber-criminals, affecting hundreds of thousands of organizations at the same time. The fact is that software supply chain attacks are fast increasing: by 300% in 2021. Bad actors are focusing on source code to generate weaknesses and open backdoors to critical applications. Whether it is vulnerable open-source software, compromised container images or unauthorized access to code, there are plenty of ways to be exploited.
(Cybersecurity) Rafforzare la sicurezza della catena di approvvigionamento (fonte: Infosecurity)