The Department of Homeland Security is warning that large companies will be targeted through their supply chain and third party vendors. As major companies improve their cyber defenses, Chinese attackers will target the weaker links represented by vendors either to obtain access to proprietary information or use the vendor as a nexus into a direct attack. This tactic is not new and has been used by a variety of adversaries over the past two decades, but is seeing a resurgence according to DHS.
“Chinese hackers have done the math and have figured out that infiltrating the third-party companies that store confidential details about big businesses is more efficient than attacking each of those firms individually, Department of Homeland Security and information security analysts said.”
Source: Department of Homeland Security warns of cyberattacks on third-party companies by China