
Supply Chain Attacks: A New Trend to Watch Out For

In today's interconnected digital world, cyber threats are constantly evolving. "Supply chain attacks" are now emerging as a critical trend that organizations must monitor closely, as they can cause widespread and devastating damage.

In this week's digest, we look at two significant security incidents that highlight the dangers of supply chain attacks. The first occurred in Brazil, where cybercriminals successfully persuaded a company employee to sell login credentials, resulting in a staggering $140 million loss from systems linked to banks and fintechs using the PIX system. The other case involves a cyberattack on Ingram Micro, a global IT distributor, which faces estimated daily revenue losses of up to $136 million while its clients suffer from supply chain disruptions.

Deep Dive into the C&M Case in Brazil: When the Vulnerability Lies with an "Employee"

The massive data breach at C&M, a Brazilian technology service provider, impacted several banks and fintech companies connected to Brazil's instant payment system, PIX. As a result of the attack, criminals gained access to the internal systems of six organizations. The exact amount of funds stolen is still unknown, but preliminary estimates range from $40 million to $140 million.

While clients' accounts were not directly affected, the criminals gained access to the companies' reserve accounts, which were used solely for interbank settlements and operations within the PIX system. They converted the stolen funds into various cryptocurrencies and transferred them to different digital wallets.

The Origin: An "Insider Attack"

According to investigations, this incident was an Insider Attack. Earlier this year, criminals approached a C&M employee as he was leaving a bar and persuaded him to sell credentials and launch malicious code for $2,700. This gave the adversaries direct access to a software platform that controlled the reserve accounts.

To date, authorities have successfully blocked $50 million of the stolen funds. Brazil's Central Bank has suspended part of C&M's operations to mitigate the risk of further attacks.

Ingram Micro Attacked: A Supply Chain Disruption

Another security incident affected Ingram Micro, one of the largest IT distributors in the world. Ingram plays a crucial role in supporting regional technology infrastructure in the Middle East and Africa, providing a range of business-to-business solutions, including hardware, software, cloud services, and other services for many regional companies and providers.

Widespread Business Impact

The company's systems, including its website, were temporarily offline, disrupting order processing, shipping confirmations, and customer communications. Moreover, Ingram's clients, who typically maintain strong connections to their distributors' IT systems, faced a high risk of being targeted in a subsequent supply chain attack.

This attack directly impacted government agencies and leading regional companies, particularly in the UAE, Saudi Arabia, and African countries. While preliminary information suggests no customer or partner data was exposed, the investigation is still ongoing.

The breach occurred during a critical time for the company, near the end of its second fiscal quarter. Analysts estimate that Ingram may face daily revenue losses of up to $136 million as a result of the incident.

Supply Chain Attacks: A Hard-to-Detect Threat

Attacks of this nature are particularly difficult to prevent because they don't rely solely on technical vulnerabilities. Instead, they often target "people" or partner organizations, which tend to be overlooked weak points. Criminals frequently choose to penetrate systems through employees of third-party companies or service providers who have partial access to internal systems, allowing them to bypass security measures stealthily.

For instance, a Coinbase contractor was previously bribed to leak sensitive data. In the C&M case, criminals obtained "credentials" from an employee and used them to access the systems of other connected companies, orchestrating a full-fledged Supply Chain Attack.


To prevent such incidents, we suggest exploring advanced information security solutions, such as the Next-Gen DLP system, Risk Monitor. It combines data leak prevention capabilities with complex mitigation of human risks, providing 360-degree protection against internal threats, including accidental mistakes, malicious actions, and various forms of corporate fraud. Risk Monitor's AI-powered capabilities enhance security posture and ensure comprehensive protection of sensitive data.



Source: https://searchinform.com/blog/2025/7/9/-supply-chain-attacks-are-new-trend/