Page 176 - Cyber Defense eMagazine August 2024
P. 176

monitor their suppliers and determine their risk profile and the likelihood of a breach by implementing CTI
            practices. This paper draws many parallels to Resecurity's previous paper, "Active Dark Web Intelligence
            for  M&A."  CTI  research  can  answer  critical  questions  that  can  help  companies  understand  the  risks
            associated with their supply chain, including:


               •  Standard suppliers, by evaluating the precursors of a breach:
               •  How does this supplier compare to the cybersecurity risk with its competitors and other suppliers?
               •  If the company is a technology supplier and has released a new security patch, is (or will) the N-
                   day they have patched being actively exploited by threat actors?
               •  Has a data  breach or  loss been detected  that  could cause  regulatory  or privacy  concerns  and
                   materially affect their company or pose a risk to their customers?
               •  If my customers monitor their supply chain, what are they observing about my company?
               •  Critical suppliers, identifying actual breaches:
               •  Is the supplier experiencing a data breach, or has it experienced an undisclosed one in the past?

            What is the likelihood of the supplier being targeted, and will this result in a material data breach?

            How does this breach impact my company as their customer?  Has the supplier leaked strategic IP that
            affects my company, employees, or customers?

            Has the company been involved in an unknown or undeclared material breach, as the recent SEC rule 7
            defined? Did my company inherit these identified issues?

            Is the supplier at risk of an insider threat from disgruntled employees offering data or services on the dark
            web that could impact my company or customers?

            If my competitors monitor the dark web for breaches of their competitors, what are they observing about
            my company?



             In  May  2023,  a  group  of  hackers,  known  as  CL0P  (TA505),  started  exploiting  a  zero-day
             vulnerability in MOVEit - a file transfer software managed by Progress Software. The breach by
             the numbers:

             More than 62 million individuals were impacted.

             Over 2,000 organizations were breached.

             Approximately 84% of breached organizations are US-based.

             Approximately 30% of breached organizations are from the financial sector.

             The financial impact of the attack is over $10 billion.










            Cyber Defense eMagazine – August 2024 Edition                                                                                                                                                                                                          176
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   171   172   173   174   175   176   177   178   179   180   181