Security News US Warns of Supply Chain Attacks

vtqhtr413

Level 26
Thread author
Verified
Top Poster
Well-known
Aug 17, 2017
1,448
The US government has repeated warnings of state-sponsored cyber-attacks made possible by infiltrating the software supply chain. The report from the National Counterintelligence and Security Center (NCSC) reveals insight into foreign economic and industrial espionage against the US. It calls out China, Russia and Iran as “three of the most capable and active cyber actors tied to economic espionage and the potential theft of US trade secrets and proprietary information.”

While new technologies such as AI and IoT will introduce new vulnerabilities into networks “for which the cybersecurity community remains largely unprepared,” it’s the software supply chain that represents one of the biggest emerging threats, the NCSC claimed. It said 2017 was a watershed year in that it witnessed seven “significant” incidents versus just four in the preceding three years. These included the infamous backdoor inserted into popular Ukrainian accounting software M.E. Docs which was the initial threat vector for the NotPetya ransomware campaign. Other supply chain attacks included CCleaner, which targeted technology firms and mobile operators, and Kingslayer, which has compromised at least one defense contractor.

The warnings echo those of the UK’s National Cyber Security Centre (NCSC) in April, which claimed state-sponsored and other compromises of MSPs and software providers can give hackers a stepping stone into thousands of organizations’ networks by allowing them to abuse “privileged accesses and client/supplier relationships.”
“When done well, supply chain compromises are extremely difficult (and sometimes impossible) to detect. Network monitoring can detect unusual or suspicious behavior, but it is still difficult to ascertain whether a security flaw has been deliberately introduced (possibly as a backdoor) or results from a careless error on the part of developers or manufacturers – or indeed to prove that any potential access has been exploited,” it argued.

James Romer, EMEA chief security architect at SecureAuth Core Security, argued that secure access is a key part of protecting the supply chain. “There needs to be a more robust approach to authentication within organizations’ supply chains,” he added. “One that brings context to the process and allows for a rapid response to evolving threats without significant human intervention.”
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
The bad side is there is almost nothing the end-user can do to protect against this.
The good side is it probably doesn't even affect the home user or even small business. It's spy stuff.
 
  • Like
Reactions: vtqhtr413

vtqhtr413

Level 26
Thread author
Verified
Top Poster
Well-known
Aug 17, 2017
1,448
True @shmu26 , malware is spy stuff too right, I hope it is interesting to some :emoji_expressionless:
 
  • Like
Reactions: shmu26

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top