Thwarting the Cybercriminals Targeting Your Service Supply Chain

Mitigating the threat requires treating security as a continuous practice, not a compliance exercise.


The cyberattacks against M&S and Co-op are high-profile examples of the attack vector that's reframing the supply chain security conversation. They showed how attackers can disrupt major organizations not with sophisticated code, but by exploiting trusted service relationships, such as a phone call to an outsourced help desk. The weakest link may not be hardware or software, but the service provider on the other end of the line.

M&S suffered an estimated $400 million hit to operating profit after attackers disrupted online ordering, payment systems, and store operations. Co-op also faced a serious breach. Hackers stole customer data and, according to BBC reporting, tried to deploy ransomware inside the company's environment. But Co-op detected the attack quickly and took systems offline before the criminals could go further, likely preventing a much larger crisis.

This is the threat that supply chain and security leaders need to put on their radar in 2026. Hardware vulnerabilities and software supply chain risks remain real and well-documented. But the service supply chain now deserves equal attention because it gives external providers access to sensitive internal systems. Attackers have figured out that this is the easiest door in.

Three supply chain threat vectors

Not all supply chain attacks require the same level of effort.

Hardware attacks sit at the difficult end of the spectrum. An attacker may need to tamper with a device, compromise a component or introduce a modified USB drive into an environment.

Attackers who deploy software supply chain attacks do not always need physical access. They can target remote developers, SaaS providers, software updates or open-source dependencies. But many organizations have at least some controls in place to thwart them, including SOC 2 reviews, ISO 27001 certifications, and secure software delivery practices.

Service supply chain attacks often require neither compromised hardware nor malicious code. Attackers can use phishing, social engineering, or impersonation to target the outsourced functions that already touch the business: help desks, IT support teams, contractors and managed service providers.

Attackers look for the easiest way into trusted environments. Today, that route often runs through the service supply chain.

The single point of failure problem

A service provider may connect to identity systems, account management platforms, remote support tools, cloud applications, network environments, or sensitive internal data. While that access serves a legitimate business need, it's also what makes it attractive to attackers.

Consider an outsourced help desk support team. To reset passwords, manage accounts and troubleshoot user issues, the team may need access to Microsoft Entra ID, Active Directory or other identity and access management systems. Those tasks are routine and touch the systems that control who can enter the environment, what they can reach, and how far they can move.
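As an added example (not code from the article or from any of the organizations it mentions), the routine below shows one way to monitor the help-desk access just described: it scans constructed identity-audit events and flags a help-desk principal resetting a privileged account, and a burst of resets by one actor within a short window. The event layout, the "helpdesk-" naming convention, the account names and the thresholds are all assumptions for the example, not a real Entra ID or Active Directory log schema.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed, simplified identity-audit events (not a real Entra ID or AD
# log format): an actor account performs an action on a target at a time.
# Actor/target names and the "helpdesk-" prefix are assumptions for this example.
EVENTS = [
    {"ts": "2026-01-14T09:02:00", "actor": "helpdesk-vendor-01", "action": "PasswordReset", "target": "jsmith"},
    {"ts": "2026-01-14T09:05:00", "actor": "helpdesk-vendor-01", "action": "PasswordReset", "target": "ga-admin"},
    {"ts": "2026-01-14T09:06:00", "actor": "helpdesk-vendor-01", "action": "PasswordReset", "target": "pjones"},
    {"ts": "2026-01-14T09:07:00", "actor": "helpdesk-vendor-01", "action": "PasswordReset", "target": "rlee"},
    {"ts": "2026-01-14T09:08:00", "actor": "helpdesk-vendor-01", "action": "PasswordReset", "target": "mkhan"},
    {"ts": "2026-01-14T14:30:00", "actor": "helpdesk-vendor-02", "action": "PasswordReset", "target": "awong"},
]

# Accounts the outsourced help desk should never touch (assumed scope policy).
PRIVILEGED_ACCOUNTS = {"ga-admin", "breakglass-01"}
HELPDESK_PREFIX = "helpdesk-"
BURST_LIMIT = 4                        # this many resets by one actor ...
BURST_WINDOW = timedelta(minutes=10)   # ... inside this window raises an alert

def detect_helpdesk_abuse(events, privileged=PRIVILEGED_ACCOUNTS,
                          burst_limit=BURST_LIMIT, window=BURST_WINDOW):
    """Return (rule, actor, detail) alerts for suspicious help-desk password resets."""
    alerts = []
    recent_resets = defaultdict(list)   # actor -> timestamps inside the window
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["action"] != "PasswordReset" or not ev["actor"].startswith(HELPDESK_PREFIX):
            continue
        # Rule 1: a help-desk principal reset an account outside its allowed scope.
        if ev["target"] in privileged:
            alerts.append(("privileged_reset", ev["actor"], ev["target"]))
        # Rule 2: sliding-window count of resets per actor (mass account takeover).
        ts = datetime.fromisoformat(ev["ts"])
        hits = recent_resets[ev["actor"]]
        hits.append(ts)
        hits[:] = [t for t in hits if ts - t <= window]
        if len(hits) == burst_limit:    # fire once, when the threshold is crossed
            alerts.append(("reset_burst", ev["actor"], f"{burst_limit} resets in {window}"))
    return alerts

if __name__ == "__main__":
    for alert in detect_helpdesk_abuse(EVENTS):
        print(alert)
```

In practice the same two rules would be fed from the identity provider's audit log export rather than an inline list, and the privileged set would come from the organization's role model.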

Attackers working together

Attackers collaborate while the security industry competes, giving them the advantage.

Attackers share learnings, tooling and access. Think of it as an open-source approach to developing and refining attacks. When one group finds a useful tactic, others can adopt it, adjust it, and aim it at their next target.

Ransomware-as-a-service shows how this model works. Initial access brokers gain access to organizations and sell it to others. Ransomware operators provide the malware, payment infrastructure, and extortion process. Affiliates carry out the attacks. Each group plays a role and keeps sharing what works.

That collaboration is critical to their success because service supply chain attacks reward specialization. Combining impersonation, remote access abuse, credential theft, and knowledge of identity systems helps attackers turn a routine service interaction into the start of a breach.

This creates a challenge for CISOs and supply chain leaders. Attackers connect identity, access, remote support, social engineering and ransomware into a single attack path. Defenders need security tools and providers that specialize well and integrate cleanly. Broad platforms can help, but they may also create a false sense of coverage when they excel at one function while handling others inconsistently.

How agentic AI increases the risk

Many organizations already struggle with excessive access, limited visibility, weak third-party governance and inconsistent identity controls. AI amplifies each of those problems. It moves faster than human users, connects systems in new ways and makes decisions across workflows that security teams may not fully understand (or even be aware of).

To assess where AI risk enters the service supply chain, use what’s called the C3H framework:

● Custom AI: Supplier-built tools may improve service delivery, but they may not go through the same security review as major commercial platforms.

● Third-party AI: External platforms may offer stronger security foundations, but customers often lack visibility into dependencies, data flows and outside connections.

● Hybrid AI: Most organizations will use a mix of both, which compounds risk as data, permissions and workflows cross environments.

Agentic AI makes the problem harder to see and harder to contain. These systems can assume identities, use credentials and tokens, log in to applications, and make API connections to internal and external data sources. If attackers compromise an agent, its activity may appear to be normal network traffic. It may use the right credentials, follow expected workflows, and look legitimate and innocuous.

This risk arrived sooner than many organizations expected. The same third-party access problems that already make supply chain security difficult are becoming harder to manage as autonomous systems begin to operate across environments.

What should supply chain and security leaders do now?

Demonstrating compliance does not guarantee effective security. A certification shows that a provider met a requirement at a specific point in time. It does not prove they follow best security practices every day.

Follow these practical steps for vetting service providers:

  1. Start with governance, risk and compliance checks. Look for SOC 2, ISO 27001, data governance policies, identity governance frameworks and other baseline controls. Treat these checks as the beginning of the conversation, not the end.
  2. Ask questions that show whether the provider practices security. How often does the provider conduct penetration testing, and what was the result of the most recent test? How often do they scan for vulnerabilities? How quickly do they remediate critical issues? How do they test incident response?
  3. Demand visibility into third-party dependencies. Ask providers to disclose subcontractors, technology vendors and other dependencies across the service chain. Pay close attention to their AI footprint. Are they using your data to train models? Where does that data go? Which external tools, models or data sources touch your environment?


The M&S and Co-op attacks show how fast these incidents can become business disruptions and how much preparation, detection and containment matter. The threat to service supply chains is real and immediate. Mitigating the threat requires treating security as a continuous practice, not a compliance exercise, by limiting third-party access, segmenting critical systems, and monitoring service provider activity.

Just as importantly, prepare for "when," not "if." Assume a cybercriminal will compromise a trusted third party, and manage third-party access so that you're prepared to contain the damage when an attack occurs.
