b'NRCA CEO Receives Honorary Fellowship f rom Inst it ut e ofRoof ingThe Institute of Roofing has named NRCA CEO Reid Ribble as one of four honorary fellows in recognition of his long-standing service and outstanding contribution to the roofing industry. The honorary fellowships are awarded worldwide.The Institute of Roofing is an organization based in the United Kingdom that works to drive, increase and maintain professionalism in supervision, management and ownership within the roofing industry, as well as raise awareness and promote roofing as a truly specialized sector of the construction industry.Ribble was recognized for his 28 years of owning and running a commercial and residential roofing company and his years of service to NRCA and the industry.Graeme Millar, board director at the Institute of Roofing, said: ?All four honorary fellows have made massive contributions to the roofing industry and are still doing so. Their dedication is truly exceptional, and this has had a positive impact both in the UK and right across the world.?The decision to award these individuals honorary fellowships receivedNRCA CEO Reid Ribbleunanimous backing of the IOR board, demonstrating the high esteem that each hold in our wonderful industry,? he continued.Whatis a Supply Chain At t ack?The SolarWinds attack in the news has brought up many new terms that may not be familiar to business owners.Today we are going back-to-basics to discuss supply chain attacks. ADEvery business uses third party software and hardware. Even the smallest business has to communicate with vendors and customers, receive, ship, bill, and inventory. A supply chain attack occurs when criminals infiltrate your system through an outside partner or provider with access to your systems and data. When a supply chain attack occurs, hackers have access to the same data and permissions the software infiltrated has access to.Attackers target software developers and suppliers looking for access to source code, or update tools. The goal is to infect a legitimate piece of software and use that software to distribute malware to customers. Hackers break into manufacturers? servers and hide malware in software updates. When these updates are pushed out by trusted vendors, the updates are certified as safe. Customers who are following sound IT practices patch and update their systems regularly, and unknowingly add the malware to their systems.The SolarWinds attack is greatly consequential for two reasons. First, the Orion tool is a Network Management System, meaning the hackers gained access at the network level, and had the same permissions the management tool had. This allowed attackers to change network settings, move laterally through the network, and also target the user level. Second, the Orion tool is used by large corporations, and the US Government. The SolarWinds Network Management System is used by 425 of the US Fortune 500.Many of the large cyber-attacks that make the news are supply chain attacks. The Target breach in 2014 was blamed on a third-party vendor, as well as the Equifax breach in 2017. The SolarWinds attack is the l argest and most consequential supply chain attack we have seen, but it follows a pattern well established in the cybercrime landscape.Founded in 1992, Quanexus is one of Dayton and Cincinnati?s most experienced IT Service Providers. They provide cyber security, data, voice and physical security solutions for businesses in the region through unmatched integrity, team-work and dedication.quanexus.comwww.ohioroofing.com 4'