If it wasn’t clear before SolarWinds, it’s definitely clear now – cybercriminals don’t need to attack your business directly to take over your network. And to make matters worse, whether via news reports of system migrations or by identifying your organizations’ email security solution, malicious actors can get all the information they need about your supply chain to execute a well-informed and tailored attack within a matter of seconds.
So who is the most at risk? According to Vade, MSPs and those using Microsoft 365 are among the most vulnerable because these entry points allow for scalable, wide-spread attacks. In fact, because of this a Microsoft account is currently worth more on the black market than a PayPal account with direct access to finances.
While supply chain attacks may not be new to the security conversation, the increasing focus on MSPs and use of email providers to gain access is bringing attention to the power of supply chain invisibility. To find out more about this trend, listen to Adrien Gendre, Chief Product Officer at Vade, who talks about the ease at which hackers can identify the email security solution being used to protect a business, and turn it into a tool in their attack kit.