The U.S. National Counter Intelligence and Security Center’s Foreign Economic Espionage in Cyberspace report released last week highlights the increased threat that software supply chain attacks pose to our critical infrastructure sector.

The report breaks down the current threats as well as future trends in foreign intelligence efforts to compromise U.S. intellectual property, trade secrets, and proprietary information in cyberspace, naming China, Russia, and Iran as the most capable and willing actors tied to cyber espionage.

New technologies like Artificial Intelligence (AI) and the Internet-of-Things (IoT) have introduced new vulnerabilities into U.S. networks that for the most part, we’re largely unprepared for, but its attacks on the software supply chain that represent one of the biggest emerging threats to U.S. security.

It said 2017 was a watershed year for public reporting of supply chain attacks, as seven incidents were recorded compared to only 4 incidents recorded between 2014 and 2016. Such attacks include Floxif which infected 2.2 million CCleaner customers using a backdoor. The hackers targeted 18 specific companies and infected 40 computers to conduct espionage in order to gain access to Samsung, Sony, Asus, Intel, VMWare, O2, Singtel, Gauselmann, Dyn, Chunghwa and Fujitsu.

While the number of attacks is growing, the potential impacts are, too. Hackers continue to target and attack software supply chains to achieve some desired outcome, whether it be cyber espionage, intentional disruption, or financial impact, they don’t appear to be slowing down any time soon.

Supply chain attacks by nature are especially devious because they violate every principle of computer security for consumers, potentially leaving individuals who follow cybersecurity basic principles just as vulnerable as individuals who click and install from unknown sources.

These attacks can be simple, like corrupting a vendor’s patch site by placing malware files similarly named to authorized code, in hopes that the malware file is downloaded. Or, these attacks can be more complicated, like infiltrating the code base to insert malware before the code is compiled or electronically signed.

Hackers continue to use this attack method because it represents an effective way to bypass traditional defenses and compromise a large number of computers. This is due in part because many software development and disruption channels lack proper cyber and process protections, and also because other cyber-attack paths become increasingly less optimal as system owners improve the security posture of their network, components, and computers.  

Attribution of these kinds of attacks is largely unknown, but technical and geographic aspects in many attacks point to hackers in either Russia or China.

Supply chain security cannot be achieved without the essential Critical Security Controls in place, establishing a solid security foundation for any organization across all industries. These controls coupled with Intelligent Change Control technology can help track and analyze changes made to your system’s integrity by leveraging self-learning whitelisting technology and threat intelligence. Finally, using dynamic baselining will ensure your systems align to the most up to date, compliant state possible.

We at NNT specialize in this exact process, as something we like to call Security through System Integrity. Learn more about how NNT delivers Security Through System Integrity here

 

 

NNT Products
USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
email [email protected]
UK Office
New Net Technologies Ltd
Rivers Lodge
West Common
Harpenden
Hertfordshire
AL5 2JD

Tel: 01582 287310
email [email protected]
Connect
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified
Copyright 2018, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.