Most enterprise data breaches target the supply chain

Image Credit: Geralt / Pixabay

The vast majority of enterprise data breaches occurred through the software and technology supply chain.

This is according to a new research paper published by SecurityScorecard, which claims 75% of all third-party breaches targeted the software and technology supply chains, mostly because threat actors can scale their operations “with minimal effort” that way.

What’s more, 75% of organizations are at the “highest levels of maturity”, as their third-party risk programs have been manual as of 2021. “Companies must work toward automating vendor identification and cyber risk management across their entire digital ecosystem,” the researchers concluded.

The States in focus

It’s worth noting that the majority of all these breaches analyzed for the report were related to the MOVEit managed file transfer software. This product was found vulnerable in a way that allowed threat actors to exfiltrate sensitive data from its users.

Almost two-thirds (61%) of all third-party breaches were attributed to MOVEit. To make things worse, 64% of all third-party breaches were linked to Cl0p, the ransomware operators who were said to be the first ones to exploit the MOVEit flaw. LockBit, another infamous ransomware operator, took up just 7%.

Of all the different industries, the healthcare vertical was most affected by third-party breaches, making up 35% of all attacks. Healthcare-related data is highly prized by hackers.

Leaking it can cause all kinds of problems for the organization it was stolen from, which makes that organization more inclined to pay a potential ransom demand. Alternatively, threat actors can sell it at a good price on the dark web.

Finally, two-thirds (64%) of all third-party breaches happened in North America, with 63% of those in the United States. SecurityScorecard does stress that this data may be somewhat skewed, as both the media and the security industry are “overwhelmingly” focused on English-speaking countries, and the US specifically.


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.