The U.S. National Counterintelligence and Security Center’s Foreign Economic Espionage in Cyberspace report, released last week, highlights the increased threat that software supply chain attacks pose to our critical infrastructure sector.

The report breaks down the current threats as well as future trends in foreign intelligence efforts to compromise U.S. intellectual property, trade secrets, and proprietary information in cyberspace, naming China, Russia, and Iran as the most capable and willing actors tied to cyber espionage.

New technologies like Artificial Intelligence (AI) and the Internet-of-Things (IoT) have introduced new vulnerabilities into U.S. networks that we’re largely unprepared for, but it’s attacks on the software supply chain that represent one of the biggest emerging threats to U.S. security.

The report said 2017 was a watershed year for public reporting of supply chain attacks, as seven incidents were recorded compared to only 4 incidents recorded between 2014 and 2016. Such attacks include Floxif, which infected 2.2 million CCleaner customers using a backdoor. The hackers targeted 18 specific companies and infected 40 computers to conduct espionage in order to gain access to Samsung, Sony, Asus, Intel, VMware, O2, Singtel, Gauselmann, Dyn, Chunghwa and Fujitsu.

While the number of attacks is growing, the potential impacts are, too. Hackers continue to target and attack software supply chains to achieve some desired outcome, whether it be cyber espionage, intentional disruption, or financial impact, and they don’t appear to be slowing down any time soon.

Supply chain attacks are by nature especially devious because they violate every principle of computer security for consumers, potentially leaving individuals who follow basic cybersecurity principles just as vulnerable as individuals who click and install from unknown sources.

These attacks can be simple, like corrupting a vendor’s patch site by placing malware files similarly named to authorized code, in hopes that the malware file is downloaded. Or, these attacks can be more complicated, like infiltrating the code base to insert malware before the code is compiled or electronically signed.
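A defender-side check for the simple case described above, as an added example that is not taken from the report or from NNT: it compares files offered by a patch site against an approved manifest of names and SHA-256 digests and flags similarly named files. The file names, manifest contents and the 0.85 similarity threshold are constructed assumptions, and the manifest is assumed to arrive over a channel separate from the patch site.

```python
import hashlib
from difflib import SequenceMatcher


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def classify(name: str, data: bytes, manifest: dict, threshold: float = 0.85) -> str:
    """Classify one file from a patch site against the approved manifest.

    manifest maps approved file name -> expected SHA-256 hex digest.
    """
    if name in manifest:
        # Approved name: the content must still match the recorded digest.
        return "approved" if sha256_hex(data) == manifest[name] else "tampered"
    # Unapproved name: does it imitate an approved one?
    for good in manifest:
        if SequenceMatcher(None, name.lower(), good.lower()).ratio() >= threshold:
            return "lookalike:" + good
    return "unknown"


def scan(listing, manifest):
    """Return (name, verdict) for every (name, data) pair in the listing."""
    return [(name, classify(name, data, manifest)) for name, data in listing]


# Constructed sample data (hypothetical vendor file names and contents).
GOOD = b"constructed patch payload 2.4.1"
MANIFEST = {"agent-update-2.4.1.msi": sha256_hex(GOOD)}
LISTING = [
    ("agent-update-2.4.1.msi", GOOD),                   # matches the manifest
    ("agent-update-2.4.l.msi", b"constructed decoy"),   # letter l in place of digit 1
    ("readme.txt", b"constructed notes"),               # unrelated, not approved
]
SWAPPED = [("agent-update-2.4.1.msi", b"constructed replaced payload")]

if __name__ == "__main__":
    for name, verdict in scan(LISTING + SWAPPED, MANIFEST):
        print(f"{verdict:40} {name}")
```

A check like this only covers corruption of the distribution site; it cannot detect malware inserted before the code is compiled or signed, because the vendor's own digest would then describe the malicious build.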

Hackers continue to use this attack method because it represents an effective way to bypass traditional defenses and compromise a large number of computers. This is due in part to the fact that many software development and distribution channels lack proper cyber and process protections, and also because other cyber-attack paths become increasingly less optimal as system owners improve the security posture of their network, components, and computers.

Attribution of these kinds of attacks is largely unknown, but technical and geographic aspects in many attacks point to hackers in either Russia or China.

Supply chain security cannot be achieved without the essential CIS Controls in place, establishing a solid security foundation for any organization across all industries. These controls, coupled with Intelligent Change Control technology, can help track and analyze changes made to your system’s integrity by leveraging self-learning whitelisting technology and threat intelligence. Finally, using dynamic baselining will ensure your systems align to the most up-to-date, compliant state possible.

We at NNT specialize in this exact process, as something we like to call Security through System Integrity.


