Table of Contents
What is meant by a supply chain attack?
A supply chain attack is a type of cyber attack in which a thief attacks any service provider, mainly a software service provider, and gets involved with the weakest suppliers and, through it, harms the main organization.
What is a Software supply chain attack?
In software supply chain attacks, hackers mainly attack in the development, putting malicious pieces of code in the main code; sometimes it happens by tricking, gaining the organization with confidence, and getting the code, then altering it with any malware according to the goal the hacker wants to achieve, getting the unauthorized access. Also, hardware components are attacked too by different methods.
The majority of the time, the internal team wouldn’t know about the attacks, as it is done with cleanliness inside the main code of the software.
Some of the software supply chain attacks that happened are:
CCleaner Attack
CCleaner is known as a tool for cleaning the PC and making it faster and more secure; hackers in 2017 exchanged the original software with the malicious software one. More than 2 million users were affected by this and used the malicious software.
Further details of this case can be read through from hacker news
https://thehackernews.com/2018/04/ccleaner-malware-attack.html
Kaseya VSA Ransomware Attack
According to Wikipedia, this attack happened in 2021, in which a hacker exploited a vulnerability in VSA (Virtual System Administrator), which is an IT management software, due to which more than a thousand IT businesses were affected. The details of this attack can be read through Wikipedia.
https://en.wikipedia.org/wiki/Kaseya_VSA_ransomware_attack
XCodeGhost
In 2015, one of Apple’s modified versions of the XCodeGhost development environment had distributed malware, through which iOS applications got malware, and more than 4,000 apps got its impact, and user data was compromised. Details of this attack can be found on Wikipedia:
https://en.wikipedia.org/wiki/XcodeGhost
Prevention from supply chain attack
Here are some prevention measures that can be used to stay protected from supply chain attacks:
- Use of security tools that can be used while coding; secure coding practices should be made.
- Verify the updates made in the application or the overall system.
- While using open-source libraries, always make sure to use tools that can identify if they have any kind of vulnerabilities.
- Use common and used open-source libraries.
- When deploying an application, first test it in a controlled environment.
- Keep developer sessions in which such attacks and preventions can be taught.
- Review the third-party software when utilizing it.
- Keep your organization educated with the latest cybersecurity trends.
Frequently Asked Question
Conclusion
Supply chain is real in which attack on service providers with an aim of causing havoc to organizations by capitalizing on the vulnerable areas in the development of services. They include the CCleaner Attack; launched in 2017, which targeted 2 million users; Kaseya VSA Attack; occurred in 2021, that targeted more than a thousand businesses; and XCodeGhost; which affected over 4,000 iOS apps in 2015. Some defense controls include applying Security Development, checking verified updates, realistic testing, assess third-party software, and being aware of threats.
No Comments