Supply Chain Attack
A supply chain assault is a particular kind of cyberattack that goes after a dependable third-party provider of goods or services that the supply chain depends on.
While hardware supply chain attacks affect physical components for the same reason, software supply chain attacks insert malicious code into an application to infect all users.
Supply chain assaults historically have been used to describe attacks on established networks in which a weak supplier in the chain is attacked to acquire access to the larger trading partners. In the 2013 attack on Target, this is exactly what transpired; the threat actor got into the HVAC contractor’s network to access Target’s systems.