An attack on IT networks is no longer just an IT problem: it affects critical infrastructure and disrupts operations, hindering daily life. On December 3rd, 2023, a ransomware attack caused an outage at 60 credit unions and left several systems nonfunctional. The New York-based Mountain Valley Federal Credit Union told CNN that technicians were working around the clock to resolve the issue and bring the systems back online.
How did this happen?
The National Credit Union Administration (NCUA) told reporters that the attack occurred through a third-party vendor called FedComp, which was using Trellance software. This incident is a reminder that an attack on third-party vendors can have significant implications for critical infrastructure, as many organizations rely on external suppliers and service providers to support their operations. The interconnected nature of modern systems means that a breach in one part of the supply chain can potentially impact the entire network.
What are the consequences of an attack on third-party vendors?
Many critical infrastructure entities rely on external services for functions such as cloud computing, data storage, and communication services. An attack on third-party vendors can result in service disruptions, impacting the availability and reliability of critical systems.
If a third-party vendor with access to critical infrastructure systems is compromised, it can lead to a weakening of the overall security posture. Attackers may use the compromised vendor as a foothold to move laterally within the infrastructure, exploiting vulnerabilities and gaining unauthorized access.
A security breach involving third-party vendors can result in significant financial losses and damage to the reputation of the affected organizations. Customers, partners, and the public may lose trust in the ability of critical infrastructure entities to safeguard their systems and data.
Malicious software can spread through interconnected systems. If a third-party vendor's network is compromised, there is a risk that malware could propagate through the vendor's connections to the critical infrastructure, potentially causing widespread damage.
Third-party vendors often handle sensitive information for their clients. If these vendors are breached, confidential data related to critical infrastructure operations, system configurations, or employee details could be exposed, leading to security and operational risks.
This incident is just another example of how ransomware attacks have wreaked havoc on the United States' critical infrastructure in recent years. These file-locking intrusions have also crippled hospitals, gasoline pipelines, and schools, prompting the Biden administration to declare ransomware attacks a national security threat.
To prevent such attacks, organizations should conduct thorough risk assessments of their supply chain and establish effective vendor management practices. Regular monitoring, security audits, and collaboration with vendors to ensure that cybersecurity best practices are followed are essential components of a comprehensive defense strategy.