Recent shocks such as the Covid-19 pandemic and the Ukraine conflict have highlighted how interdependent societies have become. Any disruption of the supply chain leads to a shortage of goods and an increase in prices of raw materials at a global scale. Digital technologies are powering the supply of goods and services worldwide making them a key asset for our collective productivity.

In the last 18 months, supply chain cyber-attacks have been a growing source of concern and have further demonstrated the ever-increasing interconnections among organizations.

However, a closer look reveals a pattern in the variety of situations where the supply chain has been targeted or used to perform cyber-attacks.

In this paper SCOR experts present two different risks, examining first how traditional suppliers can be used to penetrate larger targets and then how software and IT services providers are being leveraged to attack their client base in-mass. Methodologies and potential impacts differ in both situations, and in this paper our experts aim to provide specific analysis and recommendations for each case.