Supply Chain Attack
An attack that targets a less-secure element in a supply chain to compromise the ultimate target organization.
Full Definition
A supply chain attack (also called a value-chain or third-party attack) occurs when a threat actor compromises an organization by targeting a less-secure element in its supply chain — typically a software vendor, technology provider, or service partner — rather than attacking the primary target directly.\n\nThe most devastating supply chain attacks exploit the inherent trust between organizations and their vendors. Once a trusted software component or service is compromised, the attacker gains automatic access to all downstream customers who use that component. The SolarWinds attack (2020) and the 3CX breach are notable examples where attackers embedded backdoors into legitimate software updates.\n\nThird-party risk management and continuous monitoring of vendor security postures are essential defenses. Threat intelligence helps identify when vendors' systems or credentials appear in dark web data, potentially indicating imminent supply chain risk to dependent organizations.
Related Terms
Third-Party Risk
Cybersecurity risks introduced through vendors, partners, and other third parties with access to your systems or data.
Security ConceptsLateral Movement
Techniques used by attackers to progressively move through a network after initial compromise.
Attack TypesInitial Access Broker (IAB)
A cybercriminal who specializes in breaching networks and selling that access to other threat actors.
Threat ActorsRansomware
Malware that encrypts victim data and demands payment for the decryption key.
Malware & InfrastructureMonitor Your Exposure on Whiteintel
Understanding threats is the first step. Whiteintel continuously monitors dark web sources, stealer logs, and breach databases so you know the moment your organization's data is at risk.