www.theepochtimes.com
151.139.128.11  Public Scan

URL: https://www.theepochtimes.com/3-out-of-5-companies-affected-by-software-supply-chain-attacks_4276725.html
Submission: On February 16 via manual from US — Scanned from DE

Form analysis 1 forms found in the DOM

GET https://www.theepochtimes.com/search/

<form action="https://www.theepochtimes.com/search/" class="search_form" method="get">
  <label for="searchtext">Search Text</label>
  <input id="searchtext" itemprop="query-input" type="text" name="q"><input id="searchtype" itemprop="query-input" type="hidden" name="t" value="ai">
  <a class="search_icon" href="javascript:void(0);">SEARCH</a>
</form>

Text Content

Business & Economy


3 OUT OF 5 COMPANIES AFFECTED BY SOFTWARE SUPPLY CHAIN ATTACKS

By Nicholas Dolinger

Nicholas Dolinger is a business reporter for The Epoch Times and creator of "The
Beautiful Toilet" podcast.
February 14, 2022 Updated: February 15, 2022

A new survey has revealed that three out of every five companies fell victim to
software supply chain attacks in 2021, marking a drastic rise in the prevalence
of these attacks and sending the cybersecurity industry scrambling for solutions.

The survey, which was carried out by the software company Anchore, reported that
62 percent of organizations were impacted by supply chain attacks in the past
year.

“In the simplest terms, a software supply chain attack occurs when a
cybercriminal manipulates an organization’s software code to deliver malicious
‘payload’ to downstream applications and users,” explains Julie Preiss, chief
marketing officer of the software company Appgate, in a statement to The Epoch
Times. “They typically target small, less-secure companies that do business with
larger companies (hence the term supply chain).”

Preiss continues, “The reasons these attacks are on the rise boil down to a few
basic facts: more business is conducted online than ever before, creating a
large and enticing attack surface; many organizations have inadequate cyber
hygiene, resulting in vulnerabilities and misconfigurations in their software
that can be easily exploited; and, a single successful hack can yield enormous
potential beyond the original purpose making the pay-off very appealing.”

The Anchore survey, which collected data from Dec. 3 to Dec. 30 of last year,
coincided with the discovery of a vulnerability in the ubiquitous Apache Log4j
utility on Dec. 9. After the discovery of this vulnerability, reports of supply
chain attacks jumped by 10 percent.

The results of the survey reflect a broader trend: a rapid rise in the
prevalence of supply chain attacks. A recent analysis by the security firm
Sonatype recorded 12,000 incidents in 2021, constituting a 650 percent increase
in the prevalence of supply chain attacks.

“Supply chain attacks are becoming increasingly more common and hard to defend
against. We’ve seen this with multiple attacks over the last 12 months and it is
becoming a very lucrative way for threat actors to make money or steal
information,” says Bryan Hornung, CEO of the New Jersey-based cybersecurity firm
Xact IT Solutions, in a statement to The Epoch Times.

Hornung is a proponent of the zero trust security framework, which requires all
individuals both inside and outside of an organization to be authenticated and
consistently validated for access to applications and data. Advocates of this
strategy believe that doing so can efficiently eradicate many of the
vulnerabilities that have become apparent in the past year.

The analysis of the Anchore survey emphasized another approach to fighting the
rise of supply chain attacks: prioritizing better software bill-of-materials
(SBOM) practices. An SBOM is the list that catalogues all components in a given
piece of software.

“Despite the foundational role of SBOMs in providing visibility into the
software supply chain, fewer than a third of organizations are following SBOM
best practices,” says the Anchore report. “In fact, only 18 percent of
respondents have a complete SBOM for all applications.”

While the scale of software supply chain attacks in 2021 is unprecedented and
drastic, the cybersecurity industry has kicked into high gear in response to
reports such as those by Anchore and Sonatype. The industry is offering a
multiplicity of approaches to combat the problem, and the current year will
likely serve as a testing ground for these new strategies, as different
companies compete to ensure the security of individuals and networks in an
increasingly digital economy.
