Supplier Hacked? Next Steps to Take

It’s not a call you want to get. One of your suppliers is in touch to let you know they have been victimized by a cyber-attack. Whether it was ransomware or a phishing scheme or just a malicious file that someone clicked on, you immediately start thinking about the ramifications for your business. Does this mean you’ve been hacked, too? Did malicious actors get access to your systems through your integrations with the supplier? How vulnerable are you? Should you stop opening emails from them? How will that impact your operation? And what do you need to do about it?

Here’s our advice. To protect yourself and your systems from the vulnerabilities introduced by the compromise of your supplier, take the following steps: sweep your systems for any trace of unauthorized access; meet with the supplier to find out exactly what happened and how it might have affected you; take action if you have been impacted; and undertake a full audit of your supply chain so that you are on top of any vulnerabilities before they become liabilities. More on each of those below.
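As an added example (not from the original post or from IntelliGO), here is one way to start the "sweep your systems" step: review your own authentication logs for everything the supplier's integration accounts have done, and flag what needs a closer look. The log format, the account name acme-edi, the address ranges and the compromise date are all constructed for illustration; in practice you would substitute the supplier's documented source ranges and the compromise window they report to you.

```python
"""Sweep constructed auth-log lines for unexpected activity by a supplier's
integration accounts after the supplier reports a compromise.

Added example: the log format, account names, addresses and dates below are
assumptions made for illustration, not anything taken from the original post.
"""
import ipaddress
import re
from collections import Counter
from datetime import datetime, timezone

# Assumed log format (constructed for this example):
# <ISO-8601 timestamp> user=<account> src=<ip> action=<verb> result=<ok|fail>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) src=(?P<src>\S+) "
    r"action=(?P<action>\S+) result=(?P<result>\S+)$"
)


def parse_line(line):
    """Return a dict for one log line, or None if it does not match the format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.fromisoformat(rec["ts"].replace("Z", "+00:00"))
    rec["src"] = ipaddress.ip_address(rec["src"])
    return rec


def sweep(lines, supplier_accounts, allowed_cidrs, compromise_start, fail_threshold=3):
    """Return a list of (reason, record) findings for the supplier's accounts.

    Three things a responder wants to see first:
      - any event from an address outside the supplier's documented ranges
      - any successful event after the supplier's reported compromise start,
        even from an allowed range, since that infrastructure may itself be
        compromised and every such event deserves review
      - accounts with repeated failures (a credential-guessing pattern)
    """
    nets = [ipaddress.ip_network(c) for c in allowed_cidrs]
    findings = []
    fails = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["user"] not in supplier_accounts:
            continue  # unparseable line or not a supplier account: out of scope here
        if not any(rec["src"] in n for n in nets):
            findings.append(("unexpected_source", rec))
        if rec["result"] == "fail":
            fails[rec["user"]] += 1
        elif rec["ts"] >= compromise_start:
            findings.append(("post_compromise_success", rec))
    for user, n in fails.items():
        if n >= fail_threshold:
            findings.append(("repeated_failures", {"user": user, "count": n}))
    return findings


def summarize(findings):
    """Count findings by reason, for a quick triage overview."""
    return Counter(reason for reason, _ in findings)


# Constructed sample log: two normal events before the reported compromise,
# then a burst of activity from an address the supplier never documented.
SAMPLE_LOG = """\
2024-05-01T09:02:11Z user=acme-edi src=198.51.100.10 action=login result=ok
2024-05-01T09:02:40Z user=acme-edi src=198.51.100.10 action=upload result=ok
2024-05-03T02:17:05Z user=acme-edi src=203.0.113.44 action=login result=fail
2024-05-03T02:17:09Z user=acme-edi src=203.0.113.44 action=login result=fail
2024-05-03T02:17:12Z user=acme-edi src=203.0.113.44 action=login result=fail
2024-05-03T02:17:15Z user=acme-edi src=203.0.113.44 action=login result=ok
2024-05-03T02:19:30Z user=acme-edi src=203.0.113.44 action=download result=ok
2024-05-03T10:00:00Z user=jdoe src=10.0.0.5 action=login result=ok
"""
SUPPLIER_ACCOUNTS = {"acme-edi"}                      # assumed integration account
ALLOWED_CIDRS = ["198.51.100.0/24"]                   # assumed documented source range
COMPROMISE_START = datetime(2024, 5, 2, tzinfo=timezone.utc)  # assumed reported date


def run_sample():
    """Run the sweep over the constructed sample log."""
    return sweep(SAMPLE_LOG.splitlines(), SUPPLIER_ACCOUNTS, ALLOWED_CIDRS, COMPROMISE_START)


if __name__ == "__main__":
    for reason, rec in run_sample():
        print(reason, rec.get("ts"), rec.get("src"), rec.get("action"), rec.get("count"))
```

The findings are a review queue, not a verdict: an event from an allowed range after the compromise date is flagged precisely because the supplier's own systems can no longer be trusted, and that is the list to bring to the disclosure meeting described in the next section.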

Getting Full Disclosure from Your Supplier

Then comes the hard-nosed bit that your supplier may push back on. You need to demand a sit-down with them to have a full and frank conversation about the breach and how it happened. It’s probably a good idea to suggest doing so under the terms of an NDA, so that your supplier (who will already be feeling vulnerable) doesn’t need to worry that you’ll be telling tales out of school.

Make it clear to them from the outset that the goal is to fully understand what happened so that your team can investigate your own systems. Be upfront

This is a Security Bloggers Network syndicated blog from IntelliGO MDR Blog authored by Adam Mansour. Read the original post at: