U.S. security officials are reportedly planning to share information to companies about the risks their supply chains pose with regards to cyberattacks, reports said on Wednesday (Aug. 10).
Reports by Bloomberg said the National Counterintelligence and Security Center (NCSC) wants to help corporations understand that their international suppliers may lead to data hacks and other issues that could impact national security.
“You’d be shocked to find out how many people really don’t know where their stuff comes from,” said top counterintelligence official and Director of the NCSC William Evanina in an interview with the newswire. “The supply chain threat is one that’s the least talked about but is the easiest to manipulate for all aspects of our daily lives.”
Telecommunications, energy and financial services corporations will be the first targets of the center’s efforts, according to reports. Officials plan to share information that could include classified threat reports to these businesses, like Verizon and Bank of America.
Officials pointed to supply chains linked to China and Russia, as well as criminal enterprises around the globe or even disgruntled employees, that may lead to data leaks.
Crimes targeting corporations that stem from their suppliers is a widespread issue. Events can come in many forms, like the Business Email Compromise, in which hackers pose as a seemingly legitimate supplier or hack into an actual supplier’s networks to request payment from corporate buyers.
Earlier this month, INTERPOL made an arrest in a $60 million scam ring based in Nigeria that focused its crimes on such email scams.
They can also lead to crimes in other ways. Target’s data breach in 2013 was the result of hackers stealing login credentials to the corporation’s payments network; those credentials were accessed by one of Target’s suppliers, investigators found.
The National Counterintelligence and Security Center will begin its campaign on Thursday (Aug. 11), according to reports.