Lessons learnt from third-party breaches in 2021


February 3, 2022

Last year we experienced some of the most damaging third-party data breaches in history, with the average financial impact for an enterprise reaching $1.4 million, making it the costliest type of cybersecurity incident in 2021.

In third-party breaches, attackers often gain access to sensitive data through less-secure vendors, business partners, suppliers, or contractors. Such breaches can be disastrous for organisations, resulting in regulatory fines, loss of business, potentially irreparable reputational damage – but they are very profitable for the cybercriminal.

Cybercriminals exploit weak points in an organisation’s defences to launch attacks. It is unfortunate, but increasingly the case, that these vulnerabilities lie in the supply chain. Whether it is because organisations don’t perform ongoing risk assessments or are simply unaware of the dangers their third parties pose, recent incidents have highlighted that companies are ill-prepared for an attack of this nature.

So what did we learn from the 2021 attacks?

  • One attack can last a lifetime

When it comes to third-party breaches, the damage can continue for a long time. Accellion first reported their attack in December 2020; however, victims continued to come forward throughout 2021, and it is likely to continue in the years to come.

  • We can’t rely on our vendors’ cybersecurity

The Volkswagen Group of America incident highlighted the importance of having systems in place to check vendors’ data and storage practices. In March 2021, one of their vendors had left unsecured data on the internet, and customer data was accessed by cybercriminals.

  • Never assume and trust no third party

Even organisations at the forefront of security can fall victim to such crime, as ClickStudios found out when their password manager ‘PasswordState’ was successfully targeted. This incident was a sharp reminder to all organisations that no third party is exempt.

  • Every industry is a target

No industry is safe, and every organisation, no matter what its size, is a vulnerable target. As reliance on third parties within an organisation continues to grow, so does the risk. Last year it was reported that Cancer Centers of Southwest Oklahoma’s cloud-based storage provider became a target, with thousands of health records obtained.

  • One attack within the supply chain can shut down thousands of organisations

The attack on Kaseya’s VSA by the REvil ransomware gang demonstrated the power of a third-party incident and the damage it can cause globally. This incident alone highlighted the importance of checking the security of supply chain partners.

How can Darkbeam help?

You can never eliminate risk, especially that posed by a third party, but there are tools you can use to give you an understanding of your external risk profile and any vulnerabilities that may leave you exposed to an attack. Darkbeam’s automated platform, Horizon, gives you the ability to continually monitor and view third-party risk in seconds.

Sign up for your free-for-life myHorizon account today
