Hidden Dangers: Supply Chain Cyberattacks in 2025

TECHx · 2 days ago
Supply chain cyberattacks are rising fast in 2025, exposing enterprises to hidden threats through trusted vendors, weak links, and third-party vulnerabilities.
In 2025, it's not the hackers breaching your firewalls that should keep you up at night. It's the vendors you trust the most: the small software firm managing your data sync, the overseas hardware supplier, or even your outsourced payroll provider. Cybercriminals are no longer attacking the front doors of the world's most secure enterprises. They're slipping through the side gates, quietly piggybacking on the digital supply chains that keep global business ticking.
Verizon's 2025 Data Breach Investigations Report (DBIR) highlights this troubling trend with hard numbers: one in three breaches now involves a third party. The percentage of incidents tied to partners or suppliers has doubled from the previous year, underscoring how deeply embedded these risks have become. What's more, ransomware, often delivered via these indirect attack paths, has seen a 37% increase, now factoring into nearly half of all reported breaches.
The Hertz-Cleo Fallout
Take the Hertz incident earlier this year. The car rental giant itself wasn't hacked. Instead, the Russian-linked ransomware gang Clop infiltrated Cleo Communications, a trusted third-party file transfer provider used by Hertz, and gained indirect access to sensitive customer information. By exploiting an unknown vulnerability in Cleo's software, the attackers avoided Hertz's own hardened defenses altogether.
This tactic, often called a supply chain attack, isn't new. But what's changed is how quickly it's become the go-to method for sophisticated cybercriminals, including state-backed groups. Why try to breach a billion-dollar enterprise with enterprise-grade security, when you can compromise a smaller supplier with minimal resistance and get the same prize?
The damage from these attacks goes far beyond lost data or a ransom paid. They undermine trust in entire ecosystems. If an organization can't vouch for its vendors' security posture, how can it vouch for its own?
A Threat Hiding in Plain Sight
Supply chains have always been complex. But now they have also become invisible. Many large enterprises rely on thousands of vendors, software-as-a-service providers, open-source libraries, cloud partners, APIs, and more, creating sprawling digital ecosystems where a single weak link can compromise an entire network.
Recent data shows that software supply chain incidents are sharply on the rise. According to Cyble, the average number of such attacks per month increased by 25% from late 2024 to mid-2025. In the last two months alone, this number nearly doubled. Attackers are getting more strategic, more patient, and more effective at exploiting interdependencies between systems that most companies barely map, let alone monitor.
Credential abuse remains a leading cause of breaches, with nearly a quarter of attacks stemming from stolen or weak credentials. Vulnerability exploitation is close behind, accounting for 20%. These numbers reflect a sobering reality: as businesses grow more interconnected, the attack surface is no longer within their walls.
Sectoral Impact: Healthcare, Manufacturing, and More
Certain sectors are feeling the burn more than others. Healthcare, with its sensitive patient data and critical uptime requirements, remains a prime target. The DBIR found 1,710 incidents in the sector this year, with over 1,500 involving confirmed data disclosure. The most compromised data types? Medical and personal.
Manufacturing is facing a different but equally insidious threat: espionage. Breaches in the industry nearly doubled this year, and for the first time, 20% were tied to espionage, up from just 3% the year before. Analysts believe this rise is likely linked to state-sponsored actors targeting supply chains to access emerging technologies and industrial secrets.
Meanwhile, the financial and education sectors continue to grapple with familiar foes: phishing campaigns, credential stuffing, and basic web application attacks. But the thread tying all of these sectors together is supply chain vulnerability. Regardless of industry, the weakest point isn't the organization; it's often the people and partners just outside of it.
Why We're Still Behind
Despite years of warnings and a growing pile of headlines, many organizations still don't conduct comprehensive security reviews of their suppliers. Some don't even know how many third-party services are connected to their systems. A recent survey found that fewer than 30% of enterprises require a Software Bill of Materials (SBOM), a basic inventory of components used in applications, from their vendors.
The regulatory landscape is beginning to catch up. New compliance mandates in the U.S., EU, and GCC region are placing greater onus on companies to verify vendor security. In the UAE, cybersecurity requirements tied to national digital transformation efforts are already pushing public and private organizations to step up. But policy alone won't solve the problem.
Security teams must rethink their architecture from the ground up. The old model, perimeter defense, no longer applies in an age where the perimeter includes thousands of third parties. Strategies like Zero Trust architecture, real-time threat intelligence sharing, and continuous monitoring of third-party behavior are no longer 'nice to haves.' They are essential.
A Chain Only as Strong as…
The phrase 'a chain is only as strong as its weakest link' is now a cybersecurity cliché. But in 2025, it's painfully accurate. As enterprises double down on digital transformation, AI tools, and cloud-first strategies, their reliance on supply chains will only deepen. That means vigilance can't stop at the firewall; it must extend across every digital handshake.
Because in today's cyber era, the breach you didn't notice might just be the one that shuts everything down.