Hackers are trying to attack big companies. Small suppliers are the weakest link
More than half of companies have serious vulnerabilities in their networks and use outdated software.
Defence companies and large organizations are often the primary targets for cybercriminal attacks, and it is the low cybersecurity level of small and medium-sized enterprises in the supply chain that makes them the first targets in malicious campaigns.
Researchers from the information security company BlueVoyant conducted an analysis of hundreds of defence contractors to small and medium-sized businesses. As it turns out, more than half of companies have serious vulnerabilities in their networks, including unsecured ports and outdated or vulnerable software.
Insecure ports, including remote administration tools and Remote Desktop Protocol (RDP) ports, are one of the most common vulnerabilities that could potentially allow cybercriminals to gain access to networks. Hackers can remotely access these services through phishing attacks if they are protected by built-in passwords or weak credentials.
Many of the companies analyzed use vulnerable software or outdated solutions that are no longer supported by the developer.
Cybercriminals regularly exploit vulnerabilities to gain access to company networks, and in the case of the defence industry, compromising even a small contractor can lead to cyber-attacks on a larger target in the supply chain.
The researchers believe that empowering contractors to secure the supply chain, continuously monitor and proactively detect cyber attacks will help protect the defence industry and ensure the security of a vital national security asset.
Catch up on more articles here
Follow us on Twitter here