For a large majority of the world, the SolarWinds hack in December 2020 was the first real introduction to digital supply chains and their vulnerabilities. But the reality is that hackers increasingly have been vested in\u00a0software supply chain attacks, which increased 650% from July 2019 to May 2020\u00a0alone.Likewise, data from Netscout\u2019s\u00a02H 2021 Threat Intelligence Report\u00a0shows that hackers remain laser-focused on attacking the digital supply chain. Specifically, there was a 606% increase in attacks against software publishers from 1H 2021, as well as a 162% increase in attacks on computer manufacturers and a 263% increase against computer storage manufacturing.\u00a0When hackers focus so much attention on attacking a particular area, it\u2019s important to understand what it is and how your company can protect against such attacks.Why Hackers Attack Supply ChainsA supply chain attack enables malefactors to compromise enterprise networks by attacking connected applications or services owned or used by outside partners, such as suppliers. Using the SolarWinds attack as an example, hackers focused their attentions on SolarWinds in order to gain access to a list of lucrative suppliers and customers.In other words, a supply chain attack may start several companies removed from the intended target, making it harder to spot. Such attacks also are becoming harder to trace because many are carried out using open-source tools that are publicly available.Perhaps more frustratingly, companies often don\u2019t consider the risk serious enough to protect themselves against it. In a survey of executives from leading companies in the UK,\u00a091% said cyberattacks are a high or very high risk to their business. Nevertheless, nearly a third admit to taking no action on supply chain security, and only 69% say they\u2019re actively managing supply chain risks.In its November 2021 report on supply chain cybersecurity, the UK\u2019s Department for Digital, Culture, Media & Sport (DCMS) found that the\u00a0biggest challenges to acting on digital supply chain risks were establishing control of the supply chain (86%)\u00a0and the need to improve, evolve, and maintain security (85%). Likewise, barriers to effective supply chain cybersecurity risk management included low recognition of supplier cybersecurity risk, limited visibility into supply chains, and insufficient tools for evaluating the cybersecurity risk and limitations of suppliers.What Happened in 2H 2021?Although SolarWinds still holds the dubious honor of being the most recognized supply chain attack, threat actors haven\u2019t stopped there. In July 2021, the Russian gang REvil launched a ransomware attack against IT infrastructure management provider Kaseya, demanding payment of $70 million.Like SolarWinds, Kaseya boasts thousands of clients worldwide, most of which are managed service providers (MSPs) and internal IT organizations. As such, REvil was able to demand ransoms from more than 1,000 companies throughout the campaign.Gain a better understanding of how digital supply chain attacks can impact your company by\u00a0downloading the 2H 2021 Threat Intelligence Report.