Consider the following cybersecurity breaches – all from within the past three months: GitHub, the leading cloud-based source control service, discovered that hackers capitalized on stolen OAuth tokens issued to third-party applications to download data from dozens of customer accounts; Mailchimp, a leading emarketing company, found a data breach where hundreds of customer accounts were compromised using stolen API keys; and Okta, the leading workforce authentication service, left 366 corporate customers vulnerable after hackers exploited a security breach to gain access to internal networks.
These three incidents have one thing in common – they were all service supply chain attacks, meaning breaches in which the attackers took advantage of access granted to third-party services as a backdoor into the companies’ sensitive core systems.
Why this sudden cluster of related attacks?
As digital transformation and the surge in cloud-based, remote or hybrid work continues, companies are increasingly weaving third-party applications into the fabric of their enterprise IT to facilitate productivity and streamline business processes. These integrated apps increase efficiency throughout the enterprise – thus their sudden rise in popularity. The same is true for low-code / no-code tools, which allow non-coding “citizen developers” to create their own advanced app-to-app integrations more easily than ever before.