| Key Takeaways |
|
|
|
What Is a Supply Chain Attack?
A supply chain attack is a cyberattack that targets an organization indirectly by first compromising a vendor, supplier, or software component in its ecosystem. Supply chain attacks target software vendors, managed service providers, and SaaS platforms to reach downstream customers. When threat actors compromise a trusted supplier or integration point, they can leverage legitimate access, making detection more difficult than with a direct attack.
In some cases, these attacks evade or reduce the effectiveness of perimeter and endpoint defenses because the malicious activity enters through trusted relationships or normal operational channels.
Modern enterprises rely heavily on shared integrations and API connections, which broaden the attack surface and increase the number of downstream users a single compromised supplier can affect.
Common entry methods include phishing, credential theft, and exploitation of vulnerabilities, while advanced campaigns also use proxy infrastructure to bypass identity controls and multi-factor authentication. Without a formal supply chain risk management program, organizations lack a consistent mechanism to detect or contain such upstream compromises.
How Supply Chain Attacks Work
Supply chain attacks follow a consistent kill chain. Five stages define the progression from initial vendor compromise to downstream impact.
Stage 1: Initial compromise of a vendor or supplier
Threat actors typically gain access to a supplier network through phishing, credential stuffing attacks via stealer logs, or by exploiting public-facing applications. In this phase, the vendor serves as the entry point rather than the final destination.
Stage 2: Malware injection into software or updates
Once threat actors gain control of a vendor’s build environment, they implant malicious code directly into an upcoming software release. Because the manipulation occurs before the final compilation, the compromised software ships with a valid digital signature and travels through legitimate vendor distribution channels undetected.
Stage 3: Credential theft through third-party access
Threat actors do not always rely on custom malware to breach enterprise networks. Instead, they steal active OAuth tokens, API keys, and service account credentials to gain unhindered access to connected environments. Because these stolen assets use valid system permissions, they bypass traditional endpoint detection tools completely.
According to Group-IB’s High-Tech Crime Trends Report 2026, identity features have replaced malware as the primary intrusion mechanism in an expanding share of supply chain incidents. Attackers no longer need to deploy complex payloads to establish persistence. The credential is the payload. When threat actors steal a valid token, they instantly gain lateral access across connected networks without triggering a single malware signature.
Stage 4: Abuse of APIs, integrations, and remote access tools
Modern organizations connect business applications through APIs, cloud tokens, and software integrations. These pathways speed up workflows but also expand the attack surface beyond traditional network boundaries.
Threat actors routinely exploit these trusted links using three primary methods:
- Attackers abuse OAuth scopes. A single stolen cloud token can carry permissions across multiple connected systems, letting attackers pivot between SaaS platforms without triggering login alerts.
- Attackers compromise CI/CD pipelines. Stolen access keys embedded in CI/CD infrastructure let attackers manipulate code directly in the vendor’s build environment before it is signed and distributed.
- Attackers exploit MSP remote access utilities. Compromising a Managed Service Provider (MSP)’s remote monitoring tools grants attackers simultaneous, privileged access to every client network in that provider’s portfolio.
For guidance on reducing API exposure across your vendor integrations, see API security best practices.
| Real-world examples: Between March and June 2025, Scattered Spider compromised Salesloft’s GitHub account and used that access to extract Drift OAuth tokens stored in Salesloft’s AWS environment. Those tokens provided a trusted pathway into Salesforce. The threat actors used the inherited access to move laterally and exfiltrate data from more than 700 connected organizations.
To learn more about this case and other emerging supply chain threats, download the full High Tech Crime Trends Report 2026. |
Stage 5: Distribution of malicious payloads to downstream targets
Once threat actors establish trusted access, they deploy ransomware, backdoors, and data theft tools at scale across every connected customer environment. Because the target networks already trust the compromised delivery channel, these payloads execute automatically without encountering perimeter resistance.
Types of Supply Chain Attacks
Supply chain attacks can take many forms depending on the relationship an adversary exploits. Organizations typically face threats across several common vectors, including software delivery pipelines, hardware components, open-source repositories, and third-party service environments.
These attack paths exploit established trust, which frequently reduces the effectiveness of traditional perimeter controls and makes malicious activity harder to detect than a direct network intrusion.
Software supply chain attacks
Threat actors compromise a vendor’s code or development infrastructure before the software reaches customers. When this occurs, the malicious changes roll out through authorized update channels, which can make the software appear legitimate to downstream systems.
Because the code arrives through trusted vendor channels, the compromised application often performs standard tasks without immediately triggering security alarms during installation or routine patching.
Hardware supply chain compromise
Attackers tamper with hardware or firmware before it ever reaches the customer. A compromised router, server, or network component can look identical to a legitimate one, granting attackers persistent access that goes undetected by software-based security tools.
Industry frameworks, such as a Hardware Bill of Materials (HBOM) highlight this challenge, providing organizations with guidelines for tracking component data and identifying hidden risks throughout the hardware lifecycle.
Open-source dependency attacks
Attackers plant malicious code in public package registries such as npm and PyPI via typosquatting or account takeovers. Because developers pull these packages automatically as dependencies, a single compromised library can spread to thousands of applications without anyone noticing.
| Real-world examples: The Shai-Hulud npm worm compromise.
Attackers bypassed standard defenses by publishing malicious open-source packages that silently harvested developer secrets, such as GitHub tokens and npm credentials, during the dependency installation phase. The stolen credentials provided trusted access to other projects, allowing the malware to automatically use them to publish malicious versions of any other packages accessible to the compromised developer. This worm-like, self-propagating mechanism enabled the threat actors to move laterally across the npm ecosystem rapidly, ultimately compromising over 800 packages, including widely used dependencies, in a massive, automated operation. To learn more about this case and other emerging supply chain threats, download the full High Tech Crime Trends Report 2026. |
Managed service provider (MSP) attacks
MSPs manage IT infrastructure, backups, and security tools for multiple clients from a single administrative connection. Attackers target MSPs because breaching a single provider grants access to every client network it serves. The broader the provider’s access, the greater the blast radius of a single compromise.
Cloud and SaaS supply chain threats
Most businesses connect dozens of cloud apps through OAuth grants, API connections, and delegated permissions. Many of these integrations are over-permissioned or forgotten entirely. Attackers steal active tokens or credentials from these connections and use them to move freely between corporate platforms without triggering standard login controls.
Shadow IT compounds this risk when employees connect unauthorized SaaS tools to corporate data environments, creating unmonitored access points outside the security team’s visibility.
For a deeper look at how attackers exploit these environments, read the blog on how mismanaged cloud infrastructure can expose users to cyber risks.
Third-party vendor credential compromise
Attackers routinely harvest supplier credentials through targeted phishing, credential stuffing, or information-stealing malware to gain an initial foothold. Within the cybercrime economy, Initial Access Brokers (IABs) specialize in executing these initial intrusions into vendor environments and reselling the access to ransomware affiliates or advanced persistent threat groups.
Group-IB’s High-Tech Crime Trends Report 2026 notes a shift in this market, with brokers increasingly moving high-value corporate access away from public dark web forums toward private, invitation-only channels.
CI/CD pipeline attacks
Continuous integration and continuous deployment (CI/CD) pipelines serve as high-value targets because they centralize source code, cloud credentials, API keys, and deployment privileges. If an attacker compromises the build infrastructure, they can inject malicious code directly into software artifacts in transit after a developer commits clean code but before the system packages the final release.
Real-World Examples of Supply Chain Attacks
Real-world incidents show a consistent pattern: threat actors compromise a single trusted relationship to affect numerous downstream organizations that lack visibility into their vendor networks. The following four cases illustrate how these cascading vulnerabilities unfold across different vectors and threat profiles.
APT29 (Cozy Bear): The SolarWinds Orion Supply Chain Attack
Between March and June 2020, APT29, a suspected Russian state-sponsored group also known as Cozy Bear, planted a backdoor in SolarWinds’ Orion network monitoring platform before it shipped to customers.
The backdoor, named SUNBURST, was hidden inside routine software updates that carried valid corporate signatures and traveled through normal vendor distribution channels. Downstream systems installed the package as part of a standard update, with no indication of any issues.
The attack reached more than 18,000 organizations worldwide, with confirmed victims including the US Departments of Treasury, State, and Homeland Security, as well as Microsoft and FireEye. FireEye detected the anomalous behavior in December 2020.
Scattered Spider: Multi-SaaS Integration Breach
During a 2025 campaign, the threat group Scattered Spider bypassed traditional network perimeters by targeting the integration layer between interconnected corporate platforms. The group gained unauthorized access to GitHub repositories belonging to Salesloft and an AWS environment belonging to Drift, allowing them to extract active OAuth tokens tied to customer integrations.
Adversaries used these stolen tokens to pivot into connected Salesforce environments, exposing account metadata, AWS credentials, Snowflake tokens, and internal operational notes across a broad customer base.
The compromise subsequently reached Gainsight, a Salesforce AppExchange partner, and the entire cascading incident ultimately affected more than 700 downstream organizations through trusted integrations alone, without deploying traditional malware payloads.
LABYRINTH CHOLLIMA: The 3CX Software Trojanization
In March 2023, the North Korean-nexus threat group LABYRINTH CHOLLIMA launched the 3CX supply chain attack. The threat group trojanized the 3CX Desktop App, a widely deployed enterprise voice-over-IP client. The malicious installer shipped a signed utility file that silently loaded encrypted shellcode from a secondary library and then called back to command-and-control infrastructure concealed within innocent-looking image files hosted on GitHub.
The downloader delayed execution for up to 7.4 days specifically to defeat automated sandbox detection baselines. Because the software bore a valid corporate signature and passed through normal vendor distribution channels, downstream systems installed the package as part of a routine update.
Group-IB Managed XDR detected the anomalous behavior and automatically blocked the malicious executables on March 30, 2023, one day after the breach became public.
The Shai-Hulud npm Worm Campaigns
In mid-2025, a self-replicating worm named Shai-Hulud spread through the npm software registry, starting with rxnt-authentication v0.0.3, a trojanized package that stole developer credentials from infected machines.
The malware harvested npm tokens, GitHub tokens, SSH keys, AWS credentials, and cloud/CI secrets, then used them to automatically push compromised updates to any software package the affected developer had access to. By the time the first wave was contained, more than 500 packages had been compromised.
Later that year, the attackers returned with an updated version (Shai-Hulud 2.0) designed to activate earlier in the installation process using preinstall/postinstall hooks, making it harder to intercept. This second wave reached nearly 500 packages and affected more than 25,000 GitHub repositories across the JavaScript ecosystem. On machines where the malware found no usable credentials, it deleted the user’s home directory entirely (wiping files on Linux, macOS, and Windows).
DragonForce: Managed Service Provider Infrastructure Hijacking
During a 2025 campaign, the DragonForce ransomware group targeted the managed service provider (MSP) environment to achieve a multi-client exploitation multiplier. Group affiliates exploited three separate vulnerabilities in SimpleHelp remote monitoring and management software, specifically CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728, to secure administrative control over provider consoles.
Once embedded in the MSP networks, the attackers conducted internal reconnaissance, harvested access credentials, and simultaneously pushed ransomware payloads across multiple independent client networks. This operational model combines data exfiltration with system encryption within a double-extortion framework, using living-off-the-land techniques and bring-your-own-vulnerable-driver (BYOVD) tactics to neutralize local endpoint security controls prior to execution.
Industries Most Targeted by Supply Chain Threats
Manufacturing, real estate, transportation, and technology vendors are among the sectors most frequently affected by modern supply chain threats. While no industry remains entirely immune, threat actors often target these fields because vendor-related disruptions, unauthorized access, or data theft can have a significant operational and financial impact.
Manufacturing, real estate, and transportation
Adversaries frequently target these industries because operational disruption can create immediate business and financial pressure. In Group-IB’s analysis of the DragonForce ransomware portfolio, the group listed 82 victims between August 2023 and August 2024. Manufacturing emerged as the most commonly targeted sector in that dataset, with 12 incidents, followed closely by real estate with 11 and transportation with 10. Ransomware operators exploit these sectors because freezing logistics chains or production lines provides significant leverage for extortion.
Technology and software vendors
Technology and software vendors occupy a high-value upstream position where a compromise can cause an outsized downstream impact. When a threat actor infiltrates a software supplier, the intrusion can scale to affect numerous customer environments simultaneously.
Financial services and healthcare
Financial and healthcare organizations remain primary targets due to the high regulatory value of the data they hold and their low tolerance for operational downtime. Instead of forcing a direct entry through hardened perimeters, attackers utilize compromised third parties, stolen vendor credentials, or trusted service relationships to reach sensitive internal networks and bypass primary defense baselines.
Government and critical infrastructure
State-aligned advanced persistent threat (APT) groups routinely target government agencies and critical infrastructure to achieve strategic disruption and long-term network access.
Industry intelligence from Microsoft highlights sophisticated non-technical vectors, including activity by North Korean remote IT workers tracked under the Jasper Sleet designation.
These threat actors use AI-assisted identity deception to pass employment screening and embed themselves directly within corporate and technology supply chains, underscoring the need to treat supply chain cybersecurity as a strategic priority across every sector.
How to Prevent Supply Chain Attacks
Defending against supply chain attacks requires a layered architecture that combines continuous vendor governance, zero-trust technical controls, and identity-centric monitoring. A mature supply chain risk management program ties these controls together under a unified governance framework.
Threat actors exploit trusted relationships to bypass traditional perimeter defenses. Security teams cannot eliminate third-party risk through a single control point. Instead, organizations must implement a defense-in-depth framework to reduce exposure, contain lateral movement, and detect upstream compromises before they cascade into the internal network.
Vendor risk assessment and continuous governance
Enterprises must conduct a supply chain risk assessment for every third party before onboarding and maintain rigorous oversight throughout the contract lifecycle. Security teams use structured risk questionnaires, independent assurance reports such as SOC 2 or ISO 27001, and legally binding contractual security obligations to establish baseline defenses.
For software suppliers, organizations should mandate the delivery of a Software Bill of Materials (SBOM) to maintain visibility into nested code dependencies. Because static, one-time assessments fail to capture evolving threat environments, major corporate acquisitions, changes in product architecture, or public vendor security incidents must serve as immediate triggers for a renewed risk review.
Third-party security audits and emulation testing
Organizations validate their security assumptions regarding supplier connectivity through authorized technical audits, tabletop exercises, and red-team simulations. Security teams should deliberately structure these testing programs to mimic realistic routes to third-party compromise, focusing specifically on identity abuse, over-permissioned API integrations, and trusted remote access utilities.
Regular simulation testing allows defenders to identify hidden blind spots in cross-organization communication channels and verify the efficacy of their incident response plans during an active upstream breach.
Zero-trust architecture and network segmentation
A resilient security posture treats all third-party access as inherently high risk and requires continuous verification of identity, device health, and access context. Network administrators must strictly enforce the principle of least privilege across all OAuth applications, service accounts, API connections, and remote administrative links.
By implementing micro-segmentation across the enterprise network, security teams isolate third-party environments, ensuring that a compromised vendor credential or connection point cannot pivot freely into critical core infrastructure.
For a step-by-step guide on how to secure your network by selectively trusting users, devices, and integrations, read our blog on Building Zero Trust Security.
Secure Software Development Lifecycle (SSDLc)
Secure software development lifecycle (SSDLc) requires applying security testing at every stage of software development, from design through implementation. Software publishers and internal development teams must protect continuous integration and continuous deployment (CI/CD) environments, build agents, and code-signing infrastructure.
Organizations should implement strict code review policies for third-party libraries, restrict administrative modifications to automated build steps, and employ cryptographic code signing to ensure release provenance.
The National Institute of Standards and Technology Secure Software Development Framework (NIST SSDF) provides an effective blueprint for organizing these engineering practices to prevent malicious code injection during production.
Identity hardening and session monitoring
While multi-factor authentication (MFA) remains a foundational security baseline, advanced adversary-in-the-middle phishing platforms can intercept standard login flows and hijack active session cookies.
To counter this threat, organizations must implement phishing-resistant authentication mechanisms alongside continuous session monitoring to detect anomalous login behaviors and rapidly revoke compromised tokens.
Security teams must extend these identity protections past human accounts to include machine identities, enforcing strict expiration limits, automated rotation policies, and continuous behavioral profiling for all active OAuth tokens, API keys, and service secrets.
How Group-IB Helps Prevent Supply Chain Attacks
Threat actors increasingly combine stolen credentials with trusted third-party access, making supply chain intrusions highly evasive and dangerous. Understanding how to prevent supply chain attacks starts with mapping your entire external footprint, because enterprises cannot protect an attack surface they do not know exists.
Once that foundation is established, defeating this scalable threat model requires early warning on vendor credential exposure, strict filtering of inbound phishing lures, and continuous behavioral monitoring inside the trusted network.
Group-IB offers a comprehensive suite of proactive intelligence and network defense services specifically designed to protect your business against upstream compromises and cascading downstream attacks.
- Business Email Protection. Blocks phishing campaigns and information-stealing malware at the primary point of entry before threat actors can compromise vendor accounts. This solution intercepts advanced supply chain threats that bypass legacy security baselines, including compromised vendor senders with valid SPF, DKIM, and DMARC configurations, AI-crafted text lures, and delayed-activation links.
- Threat Intelligence. Monitors information stealer logs, dark web marketplaces, and closed cybercriminal forums in real time to intercept stolen vendor credentials, compromised API keys, and active OAuth tokens before threat actors can weaponize them. The platform delivers predictive insights into the tactics used by supply chain-focused groups such as Scattered Spider, DragonForce, and Lazarus, enabling organizations to harden their infrastructure against specific adversarial behaviors.
- Managed XDR. Detects and isolates the subtle behavioral anomalies that follow a successful supply chain intrusion, including unauthorized lateral movement via Remote Desktop Protocol, unexpected token reuse, and malicious processes executing from trusted software channels. This proactive defense capability compressed the threat lifecycle during the 3CX software trojanization incident by identifying anomalous activity and automatically blocking the malicious executables just one day after public disclosure.
Contact Group-IB experts today to protect your business against supply chain attacks.