Supply Chain Attack

An intrusion that compromises trusted vendors or dependencies to infiltrate downstream organizations.

What it is

A supply chain attack exploits the trust relationships between organizations and their suppliers, service providers, or software vendors. Instead of directly attacking the target organization, adversaries compromise upstream components that the target uses—such as code libraries, firmware updates, or software installers.

Examples include the SolarWinds breach, where attackers injected malicious code into a trusted software update, and dependency hijacking attacks in open-source ecosystems like npm or PyPI. Hardware-level attacks can also occur when rogue components or backdoors are introduced during manufacturing.

Why it matters

As businesses increasingly rely on third-party tools and cloud services, the attack surface expands beyond direct control. A single compromised vendor can cascade through hundreds or thousands of clients. These attacks are especially difficult to detect because malicious components arrive signed and verified through legitimate update channels.

How to reduce risk

  • Vet and monitor all third-party vendors for security compliance.
  • Use software composition analysis tools to track dependencies.
  • Sign and verify software with reproducible build systems.
  • Segment networks to limit lateral movement from compromised vendors.
  • Maintain an incident response plan specifically for third-party breaches.
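The second and third bullets in practice, as an added example that is not part of this glossary entry: a check that every PyPI dependency in a requirements file is pinned to an exact version and a sha256 digest (pip's real `--hash=` hash-checking format), followed by verification of a downloaded artifact against those digests. Package names, file contents and digests below are constructed for the example.

```python
import hashlib
import re

# Matches a requirement pinned with ==; anything looser (>=, ~=, bare name) fails.
REQ_LINE = re.compile(r"^(?P<name>[A-Za-z0-9_.-]+)==(?P<ver>[^\s\\]+)(?P<rest>.*)$")
HASH_OPT = re.compile(r"--hash=sha256:([0-9a-f]{64})")


def parse_requirements(text):
    """Return ([(name, version, {sha256 digests})], [policy violations]).

    A line violates the pinning policy when it is not pinned with '==' or
    carries no --hash=sha256:<hex> option. pip's hash-checking mode refuses
    to install such a file; this catches the gap before it reaches CI.
    """
    entries, violations = [], []
    text = text.replace("\\\n", " ")  # join pip's backslash line continuations
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = REQ_LINE.match(line)
        if not m:
            violations.append(f"not pinned with ==: {line}")
            continue
        digests = set(HASH_OPT.findall(m.group("rest")))
        if not digests:
            violations.append(f"no sha256 hash: {m.group('name')}")
        entries.append((m.group("name"), m.group("ver"), digests))
    return entries, violations


def verify_artifact(data, allowed_digests):
    """True only if the artifact's sha256 is one of the pinned digests."""
    return hashlib.sha256(data).hexdigest() in allowed_digests


# Constructed sample data: a fake wheel, a tampered copy, and a requirements
# file in the shape produced by `pip-compile --generate-hashes`.
GOOD_WHEEL = b"constructed wheel bytes for examplepkg 1.2.0"
TAMPERED_WHEEL = GOOD_WHEEL + b"\x00injected"
GOOD_DIGEST = hashlib.sha256(GOOD_WHEEL).hexdigest()
SAMPLE_REQUIREMENTS = f"""
# constructed requirements file (hypothetical package names)
examplepkg==1.2.0 \\
    --hash=sha256:{GOOD_DIGEST}
looselib>=2.0
nohashlib==0.9.1
"""

if __name__ == "__main__":
    entries, violations = parse_requirements(SAMPLE_REQUIREMENTS)
    print("violations:", violations)
    print("tampered artifact accepted?", verify_artifact(TAMPERED_WHEEL, entries[0][2]))
```

The two unpinned or unhashed lines are reported, and the tampered artifact is rejected even though its name and version are unchanged.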