Search This Blog

Showing posts with label supply chain security. Show all posts

What is a Supply Chain Attack? Here's How is it Making Your Software Vulnerable

 

Users receive warnings from public and private organizations asking them to be aware of fraud links and sources, to not share their credentials with anybody, and save their sensitive data from dark websites, etc. commonly. However, the sophisticated hacking market is generating a sense of fear in minds of the public with questions like what if the legal software and hardware that makes up your network has been already compromised at the source? Which leads us to our main question: What is a supply chain attack? 

A very common form of cyber-hacking is known as a "supply chain attack”, it is also called a value-chain or third-party attack. This umbrella term ‘supply chain attack’ includes those cyber attacks that target software developers and suppliers so that several clients and customers of the fine products and services can be affected directly. 

By leveraging a single developer or supplier, threat actors or spies can steal its distribution systems and install the application that they want to send to the victims. 

By compromising a single chain, the hackers can well-place intrusion and can successfully can create a springboard to the networks of a supplier's consumers in which thousands of people can be victimized. 

Supply chain attacks have always been understood as daunting tasks. The reason behind this is their consequences can be very severe, a single attack can leave the whole organization with severe vulnerabilities and can break the trust between an organization and the customers. 

"Supply chain attacks are scary because they're really hard to deal with, and because they make it clear you're trusting a whole ecology," says Nick Weaver, a security researcher at UC Berkeley's International Computer Science Institute. "You're trusting every vendor whose code is on your machine, and you're trusting every vendor's vendor." 

In December 2020, the worst face of the supply chain attack had already been witnessed, when it was discovered that the Russian malicious actors later identified as Russian foreign intelligence service (SVR) compromised the software firm SolarWinds and installed malicious code in its IT management tool Orion. With this, hackers attacked at least nine US federal agencies. 

The spy operation ‘SolarWinds’ wasn't unique, there is a list of events that already hit the world’s big companies including a Chinese hacking group known as Barium carrying out at least six supply chain attacks over the past five years. 

In 2017, the Russian threat actors ‘Sandworm’, hijacked the software updates of the Ukrainian accounting software MEDoc, which ultimately inflicted $10 billion in damage worldwide. This attack is the costliest cyberattack in history.

With the available statistics and data, we can conclude that supply chain attacks are a huge problem that's not going away anytime soon. 

SolarWinds Hack Alarms US Spy Agencies to Inspect Software Suppliers' Ties with Russia

 

US intelligence agencies have started to study supply chain threats from Russia, a top official within the Justice Department confirmed on Thursday 6th of May, in the wake of the far-reaching hacker operations that used software developed by SolarWinds as well as other suppliers. 

SolarWinds Inc. is an American multinational that creates software to help companies manage their IT infrastructure, systems, and networks. It is based in Austin, Texas, and has distribution and product development branches at several US locations and other countries.

According to John Demers, Assistant Attorney General for National Security, the examination will concentrate on any supply chain vulnerabilities arising from Russian businesses—or US businesses operating in Russia. 

“If there’s a back-end software design and coding being done in a country where we know that they’ve used sophisticated cyber means to do intrusions into U.S. companies, then maybe … U.S. companies shouldn’t be doing work with those companies from Russia or other untrusted countries,” Demers stated during a Justice Department-hosted cybersecurity conference. 

Demers stated that any information gathered from the Commerce Department would be passed on to the FBI and the other intelligence officials to determine whether more actions are required to remove suppliers from the U.S. supply chains or not. 

The White House accused the Russian SRV foreign intelligence agency of the spying operation which used the software of SolarWinds and penetrated at least nine U.S. federal agencies. Russian technology firms have also been endorsed by the management of Biden to finance the cyber operations of Russian intelligence agencies. Though the allegations were rejected by Moscow. 

However, the United States intelligence analysis reveals that the Biden administration is also looking into how potential spying operations will mimic whatever the SVR is supposed to use weak points in US tech companies' networks. 

An extensive range of US government and businesses were exposed to infiltration by allegedly Russian hacking. Initially, SolarWinds, stated that the malicious code had been downloaded by 18,000 customers. However, the original target list of spies was made up of 100 corporations and, as per the White House, at least nine federal agencies. 

Concerns of American officials regarding exposures to the supply chain have indeed increased in recent weeks as certain hacks arose. 

Whereas a 2019 executive order signed by then-President Donald Trump appears to approve the supply chain inspection, that forbids US telecommunications companies from using hardware that constitutes a national security risk. 

Although the executive order was widely seen as an effort to further limit the Chinese telecommunications company Huawei's access to US markets, it can also be applied to various other technologies from other countries. U.S. intelligence officers are tasked with constantly reviewing international supply chain threats and providing for additional "rules and regulations" to recognize innovations or nations that may pose a danger. 

In the supply chain screening, the US intelligence officials have long expressed fears that Moscow could use the Russian suppliers' technology to spy on America.