Weak links: tech supply chain targeted: This attack on Ingram Micro reflects a broader shift in threat actors focusing on increasingly targeting beyond software development firms to broader tech supply chain nodes to maximize disruption.Jain added that entities like distributors, MSPs, and logistics providers offer high leverage with relatively lower security maturity compared to large enterprises. Enterprise security must now extend beyond internal controls to include continuous threat monitoring, resilience planning, and visibility across third-party networks. To evaluate and mitigate risks tied to critical IT distributors, organisations should enhance due diligence by assessing distributors’ security certifications, incident-response readiness, and tooling. “Contracts must include clear breach notification timelines, audit rights, and SLA terms for recovery. Leveraging third-party risk platforms and real-time attack-surface monitoring also ensures continuous oversight,” added Jaju.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4018040/ingram-micro-confirms-ransomware-attack-after-days-of-downtime.html
