Following plans for the EU to stage cyberattack simulation exercises on supply chains, information security experts reacted below.
<p>Supply chain attacks are an ongoing trend and will only grow in severity. This is largely attributed to the fact that, as a state or organization\’s supply chain and digital ecosystems expand, their attack surface grows exponentially along with it. In a few months from now, attacks like SolarWinds may look comparatively small. </p>
<p>Ransomware can\’t be called a hypothetical, systemic risk anymore. It\’s now a systemic issue that will only grow. This is yet another clear illustration that cybersecurity impacts physical security and the daily lives of all of us, at scale. </p>
<p>Unfortunately, we expect more supply chain attacks to occur. As companies increasingly entrust a large part of their services to single points of failure – think AWS or Google – this is becoming a problem and as such, companies become targets of choice. </p>
<p>This stress test is a welcomed action plan and highlights the increasing need for early threat detection capabilities and ransomware preparedness. Member states and businesses urgently need to get ahead of threats before attackers beat them to it.</p>
<p>2021 was riddled with supply chain attacks and we only need look at the Solar Winds or Kaseya attacks to see the full scale of consequences that come as a result: crippling ransoms, national emergencies and huge financial losses (Solar Winds estimated losses came in at <a href=\"https://www.bitsight.com/blog/the-financial-impact-of-solarwinds-a-cyber-catastrophe-but-insurance-disaster-avoided\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https://www.google.com/url?q=https://www.bitsight.com/blog/the-financial-impact-of-solarwinds-a-cyber-catastrophe-but-insurance-disaster-avoided&source=gmail&ust=1642187397090000&usg=AOvVaw327xPpP73J1abBtxFJBRLw\">$90,000,000</a>). Therefore, seeing the EU making an international and united commitment to cybersecurity is a positive step that could help with both prevention and damage control in the future. Cybercriminals are not limited by national borders and therefore it is important that those trying to counter cyberattacks have the same borderless approach. What’s more, practice truly does make perfect in these situations, the more we prepare for cyberattacks and become familiar with how to act in crisis situations, the smaller the overall damages can be because there will be well-trained people on the ground from the get-go.</p>
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics