• Hello and welcome! Register to enjoy full access and benefits:

    • Advertise in the Marketplace section for free.
    • Get more visibility with a signature link.
    • Company/website listings.
    • Ask & answer queries.
    • Much more...

    Register here or log in if you're already a member.

  • 🎉 WHV has crossed 72000 (72k) monthly views (unique) and 272000 clicks per month, as per Google Analytics! Thank you for your support! 🎉

Are Supply-Chain Attacks More Dangerous Than Zero-Day Vulnerabilities?

johny899

johny899

Member
Content Writer
Messages
1,061
Reaction score
3
Points
43
Balance
$112.3USD
Have you installed a software update only to think “Hold on, did that actually make things worse?” I’ve had that fear before, and it’s a lasting one. All those moments got me wondering: are supply chain attacks really more dangerous than zero-day attacks? Let’s take a simple look at both threats.

What Are Zero-Day Attacks​

Zero-day attacks occur when hackers take advantage of an unknown vulnerability in a computer system (a security bug) that is NOT YET KNOWN TO THE DEVELOPER. Developers are not yet aware of its presence. As knowledge of the zero day spreads, teams rush into action as their phones are buzzing and patches are flying around the office. Examples of zero-days would include:
  • Attacking a single, vulnerable point
  • Exploiting a vulnerability to execute a malicious action rapidly
  • Can be remedied by a patch once available
Zero-day attacks can be extremely damaging, however they typically have limited impact, a small window of vulnerability. Once a patch has been deployed, the risk is reduced significantly.

What is a Supply Chain Attack​

A supply chain attack is when a hacker installs a malicious program or software on a computer by securing a trusted software patch to appear legitimate. You believe you are protected by downloading an update. All is well, then the attacker begins to gain access to your device. My experience tells me that this form of malware is even more devastating than some examples of zero-day vulnerabilities.

Supply chain attacks:
  • Exploit trust
  • Infiltrate many people simultaneously
  • Remain undetected for an extended time.
The latter factor makes this type of threat very serious.

Damaging in Different Ways​

An immediate concern with support for zero-day vulnerabilities is that they typically do not cause damage as extensively as many supply chain attacks. From my perspective, the more critical question is whether one zero-day invites a lone event versus a supply chain attack inviting thousands of computers or networks simultaneously.

So, Which Is More Dangerous?​

In my opinion, zero-day attacks are vocal and urgent while supply chain attacks are silent and extensive. The difference between the two is important because they intend to deceive, undermine security, and impact numerous individuals simultaneously.
 
You must log in or register to reply here.
HostingNAP Ad

Support / Help Desk

Blog - (WHV)

Hosting Reviews

Navigation

  1. WHV Forums
    1. WHV - Announcements
    2. General Discussion
    3. Introduction
    4. Web Hosting Forum
    5. Help
    6. News
  2. Marketplace
    1. VPS Offers
    2. Dedicated Server Offers
    3. Shared Hosting Offers
    4. Reseller Hosting Offers
    5. Other Offers (Not Hosting)
    6. Domain Offers
  3. Web Hosting Discussion
    1. Hosting Software & Control Panels
    2. Other Hosting Tutorials
    3. Reviews
    4. Articles
    5. Offtopic
  4. Web Hosting Tutorials
    1. cPanel Tutorials
    2. WHM Reseller Tutorials
    3. DirectAdmin Tutorials
    4. Blesta Tutorials
    5. WHMCS Tutorials
  5. Hosting Extensions
    1. WHMCS Market
    2. Blesta Market
    3. HostBill Market
Top