Introduction
In recent years, cyber-attacks exploiting third-party vulnerabilities have become increasingly prevalent [6], with a significant impact on the global security landscape. These breaches, which often involve ransomware, show that threat actors are concentrating on third-party access points, and they call for stronger security measures and risk management strategies.
Description
Cyber-attacks exploiting third-party vulnerabilities are increasingly prevalent [6], now accounting for 35.5% of all global breaches in 2024, a notable increase from 29% in 2023. Among these, 41.4% of breaches were linked to ransomware attacks that utilized third-party access vectors, with the Clop group being particularly active in this area. Threat actors are focusing on third-party access due to its scalability [1], with ransomware groups and state-sponsored attackers exploiting supply chains as entry points [1]. Interestingly, less than half (46.75%) of third-party breaches involved technology products and services [2] [5] [6], reflecting a significant decrease from 75% the previous year [2] [5] [6], indicating a diversification of attack surfaces [2] [4] [5] [6].
The retail and hospitality sector experienced the highest breach rate at 52.4% [4] [5] [6] [7], closely followed by the technology industry at 47.3% and the energy and utilities sector at 46.7% [6]. By geography [3] [6], Singapore had the highest rate of third-party breaches at 71.4% [2] [4] [6] [7], followed by the Netherlands at 70.4% and Japan at 60% [6] [7]. In contrast, the United States reported a lower rate of 30.9% [6], which is 4.6% below the global average [6].
To combat these threats and mitigate risks associated with third-party access, organizations are encouraged to transition from periodic vendor reviews to real-time monitoring of vendor relationships. Recommendations include customizing security strategies based on industry [1], geography [1], technology [1] [2] [3] [4] [5] [6] [7], and structure [1], aligning risk management strategies with specific risk profiles [7], and maintaining robust third-party risk management programs [1] [7]. Key areas for protection include file transfer software [1], cloud infrastructure [1], industry-specific services [1] [2], and VPNs [1]. Additionally, ensuring contracts clearly define expectations regarding vendor vulnerabilities [7], adopting “secure by design” technologies [2] [7], enforcing multifactor authentication [1] [7], and avoiding ransom payments to disrupt the ransomware supply chain are crucial steps for enhancing security. Rapid patching and continuous security assessments are also emphasized as essential practices in this evolving threat landscape.
Conclusion
The increasing prevalence of cyber-attacks through third-party vulnerabilities underscores the urgent need for organizations to adopt comprehensive and proactive security measures. By focusing on real-time monitoring, tailored security strategies [1], and robust risk management programs [2], organizations can better protect themselves against these evolving threats. As the landscape continues to change, staying ahead of potential vulnerabilities and maintaining vigilance will be crucial in safeguarding against future breaches.
References
[1] https://www.itpro.com/security/data-breaches/third-party-data-breaches-global-statistics
[2] https://www.newsflashasia.com/singapore-tops-third-party-breach-rate-at-71-4-securityscorecard/
[3] https://www.digit.fyi/third-party-breach-report/
[4] https://thenimblenerd.com/article/cyber-chaos-third-party-breaches-skyrocket-as-supply-chains-become-hacker-heaven/
[5] https://www.techradar.com/pro/security/third-party-security-issues-could-be-the-biggest-threat-facing-your-business
[6] https://www.infosecurity-magazine.com/news/securityscorecard-surge-third/
[7] https://siliconangle.com/2025/03/26/securityscorecard-report-reveals-surge-third-party-breaches-across-industries/