As an SMB owner, you may be thinking that supply chain attacks are the preserve of larger, more lucrative targets. That's not necessarily the case. By targeting a single supplier, attackers can compromise scores or even hundreds of corporate clients, many of whom may be SMBs. For financially motivated criminals, this kind of return on investment is exactly what they're after.
A report from the Identity Theft Resource Center (ITRC) earlier this year revealed that 668 entities were hit by supply chain attacks focused on data theft, affecting over 27 million individuals. The number of such attacks increased by 42% in the first quarter of 2021 compared to the final three months of 2020, the ITRC reported more recently.
Supply chains are what modern businesses are built on. Whether you're a hair salon, a construction company or a small accounting firm, your business will have a large and increasingly complex network of partners and suppliers, delivering physical and digital goods and services. With this greater complexity, it has become increasingly difficult to gain full visibility and control over these suppliers, and, more importantly, how cyber secure they are. In fact, recent research revealed that over a third of businesses don't even know how many external suppliers they use.
The bottom line is that if any one of these companies is compromised, it could have a knock-on impact across the entire supply chain, potentially resulting in a serious small business cyber security breach. Developing effective cyber security strategies for small to medium-sized businesses means first understanding what you're up against.