While reviewing an incident report, a security analyst learns that attackers compromised a managed software provider and pushed a malicious update that automatically installed malware on dozens of the provider's customer endpoints, including the analyst's organization. Which type of cybersecurity risk does this incident BEST illustrate?
This scenario is a classic example of supply chain risk: a threat introduced when a trusted vendor, supplier, or service provider is compromised and the attacker leverages that relationship to reach victim organizations. Shadow IT concerns unauthorized internal systems, credential stuffing relies on reused credentials, and a rogue access point is an unauthorized wireless device; none of these capture the third-party dependency highlighted here.