From SolarWinds to Kaseya: The rise of supply chain attacks in a digital world

Ghanbari, Hadi; Koskinen, Kari; Wei, Yijuan

doi:10.1177/20438869241299823

aalto1 untyped-item.component.html

From SolarWinds to Kaseya: The rise of supply chain attacks in a digital world

Files

BIZ_Ghanbari_et_al_From_solarwinds_to_kaseya_The_rise_of_supply_chain_attacks_in_a_digital_world_2024.pdf (1021.27 KB)

Access rights

openAccess
CC BY

Creative Commons license

Except where otherwised noted, this item's license is described as openAccess

publishedVersion

A1 Alkuperäisartikkeli tieteellisessä aikakauslehdessä

This publication is imported from Aalto University research portal.
View publication in the Research portal (opens in new window)
View/Open full text file from the Research portal (opens in new window)

Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.

Authors

Ghanbari, Hadi

Koskinen, Kari

Wei, Yijuan

Date

2024-11-15

Department

Department of Information and Service Management

Language

en

Series

Journal of Information Technology Teaching Cases, pp. 1-8

Abstract

Supply chains today rely heavily on information technologies. Such reliance has encouraged attackers to shift their focus on conducting supply chain attacks, which is expected to become the most common type of cyberattack by 2030. Thus, it is crucial for Information Systems practitioners to gain a deeper understanding of supply chain cybersecurity. To that end, this teaching case demonstrates the importance of supply chain cybersecurity in the digital era drawing on two recent attacks with significant impact on supply chains: SolarWinds and Kaseya. We first discuss different dimension of cyberattacks, followed by an introduction of supply chain attacks. We then introduce an analytical tool called cyber kill chain that is widely used for analysing different stages of a cyberattack. In addition, we propose a taxonomy of cyberattacks that can be used as a tool, alongside other tools, to analyse cyberattacks. The taxonomy is especially useful for conducting a lightweight analysis and presenting an overview of cyberattacks to non-technical stakeholders, especially executives and directors.

Keywords

Information security, Kaseya, SolarWinds, cyberattack, cybersecurity, supply chain attack, supply chain cybersecurity

DOI

10.1177/20438869241299823

Citation

Ghanbari, H, Koskinen, K & Wei, Y 2024, 'From SolarWinds to Kaseya: The rise of supply chain attacks in a digital world', Journal of Information Technology Teaching Cases, pp. 1-8. https://doi.org/10.1177/20438869241299823

Permanent link to this item

https://urn.fi/URN:NBN:fi:aalto-202509107154

Collections

[article-cris] Palvelut / Services

Show all metadata

From SolarWinds to Kaseya: The rise of supply chain attacks in a digital world

Files

Access rights

Creative Commons license

URL

Journal Title

Journal ISSN

Volume Title

Authors

Date

Department

Major/Subject

Mcode

Degree programme

Language

Pages

Series

Abstract

Description

Keywords

Other note

DOI

Citation

Permanent link to this item

Collections

Endorsement

Review

Supplemented By

Referenced By