Answer: You are describing a supply chain attack—a cyberattack that impacts not your organization specifically, but one of your suppliers, thus disrupting your operations or, in this case, exposing your company to further attack.

This type of cyberattack is becoming more common as criminals realize that they can breach organizations en masse by attacking service providers who have some level of access to many companies’ systems. The most publicized recent supply chain attack was the SolarWinds attack in December 2020. In that case, SolarWinds was responsible for pushing updates to their clients’ systems. The attacker gained access to SolarWinds’ systems and published fraudulent updates that installed malware on many of SolarWinds’ customers’ networks. Even though those end-user customers were not directly breached, the attack on their service provider ended up exposing them to risk and attack.

These are complicated situations, especially among small businesses, because third-party vendors are more common than in-house services in those environments.

So, how do you determine if you have risk associated with a vendor or some other party in your digital supply chain?

Ask! If you’ve ever applied for cyber risk insurance or undergone an audit where your computer systems were evaluated, you were likely given a questionnaire regarding your company’s digital security and processes. Make a copy of one of those audits, or download one of the many freely available templates online. Ask your key vendors to complete them. Work with your in-house or contracted IT provider to evaluate responses, and refresh that audit with vendors once a year or so to assess the risks.

What steps should you take to prevent this kind of breach?

Grant access to your systems only when actually needed. Especially with third-party IT support, external vendors are often given unrestricted 24/7 remote access to your systems. While this can be helpful if something goes down in the middle of the night, it also creates opportunities for your systems to be attacked. If you can, limit access to your systems to an as-needed basis, and use permitted-hours settings on your servers or firewalls to determine when external vendors are allowed to access your systems, and from where. The middle of the night, weekends and especially holidays are prime times for attackers to try and breach systems.

Purchase and install endpoint-detection-and-response (EDR) software or systems. EDR can be thought of as anti-virus software plus-plus. It combines the features of old-style anti-virus with proactive threat detection, network monitoring, update verification, and plenty of other features that not only block known threats but can use behavioral data to spot and block “fishy” activity that is out of the norm for your company. EDR will often detect and block threats coming from a theoretically trusted source, like a key vendor. EDR software is also not as expensive as many people believe, as you can obtain high-quality EDR for as little as $45 to $60 per device, per year. Of course, more expensive options do exist, but even a reasonably priced small business solution will provide a great deal of protection from unexpected threats.

Finally, enable and enforce two-factor or multi-factor authentication on all of your systems. Most attacks are related to credential-stealing, where a vendor’s credentials are used to illicitly access your systems. By enforcing multi-factor authentication, you remove the username and password as the sole barriers to entry and require that they possess some physical object like a security key or smartphone to complete the login process.

This article is provided by Enquiron, which offers Association members cybersecurity resources at no cost. Learn more about the benefit at .

Of the 1,200 executives who participated in the 2021 survey, 59 percent said they worry some or a great deal about cyber, and 25 percent said their company has been a cyber victim, up 150 percent from 2015.

Despite the heightened concerns, only 61 percent of executives reported feeling extremely or very confident in their company’s cyber practices, and many businesses are unprepared to deal with the risks, researchers said.

Just 43 percent said their company has a written business continuity plan in the event of a cyberattack, and only 48 percent said their company has adopted multifactor authentication to mitigate the risk.

Our Association soon will offer members a resource to dramatically increase their cyber defenses. The service kicks off Nov. 1 and will be featured in a now-in-production issue of Ag Innovator. You can also learn more during a breakout session at the Marketing & Distribution Convention.

Source: Business Insurance

In association with Enquiron, the Resource Center offers:

• A cyber risk assessment template to get a quick pulse on your organization’s current cyber readiness
• Online cyber training for managers and employees
• Live and recorded webinars
• Phishing security testing for your employees
• An incident response plan template tool to customize your response plan for your organization
• A curated library of cybersecurity content that touches on topics such as phishing, passwords, threat analysis, ransomware, hacking, privacy, and malware.

As an example of a resource, the site offers a on ransomware that not only defines the risk but also offers tips on how to:

• Reduce your exposure to a ransomware infection
• Respond if a machine at your company becomes infected
• Respond if you don’t have a data backup
• Proceed with paying the ransom if you choose to do so.