
National security pundits have been reeling since FireEye discovered that SolarWinds, a popular IT network monitoring tool, had been compromised. The scope of the hack is still unknown, but it’s clear that it has impacted all corners of the public and private sectors, including up to 18,000 of SolarWinds’s 300,000 customers.

As cybersecurity professionals sift through the damage, the most critically important topic is the nature of the hack, which has affected the software supply chains of an almost unbelievable number of federal organizations and large enterprises. Instead of targeting thousands of companies individually, cybercriminals injected malware into a SolarWinds software update. This then impacted the customers that rely on SolarWinds as part of their tech stack.

In this blog, we’ll explore some important takeaways from the SolarWinds hack, with a focus on how to prevent a similar software supply chain attack in your environment. We’ll also discuss the role of software composition analysis (SCA) in supply chain security.

But before we tackle these issues, let’s recap the SolarWinds hack and the potentially devastating consequences the companies and government agencies that have been infiltrated may suffer.

SolarWinds Orion Hack Compromises Up To 18,000 Companies

Around 300,000 customers have used SolarWinds security software to monitor and protect their networks.

A couple of weeks ago, the news that SolarWinds’ Orion platform had been compromised hit the headlines. The attackers changed a dynamic link library (DLL) to include a remote access trojan (RAT), which FireEye is calling SUNBURST, and the update server was compromised so this DLL would be automatically pushed to customers who requested an update. SolarWinds delivers software updates through its update service.

An estimated 18,000 customers received the compromised file. Government agencies were targeted, including the U.S. Treasury and Commerce departments, the Department of Homeland Security, and the State Department. The reach was significant enough for Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) to release an emergency directive ordering all federal agencies to disconnect the affected Orion products from their networks. This attack was very sophisticated; the attackers had a way to bypass multi-factor authentication (MFA) through Cisco’s Duo access security solution. It’s believed a nation-state is behind these attacks. This attack brings to light a growing concern within the security community.

Threats Within the Software Supply Chain

Companies are becoming more dependent on software every day. And even software vendors themselves have a supply chain. It’s along the lines of how an auto manufacturer might build a car: one vendor builds the engine, while another builds the electronic components. Internet of Things (IoT) companies could be getting processors from Qualcomm and software from another company (or from open source). Most software today is comprised of many, many components, each representing a different possible avenue of attack.

“A supply chain is the network of all the individuals, organizations, resources, activities, and technology involved in the creation and sale of a product.” In terms of software, it’s the network of all software components your organization uses to build its software product.

Common types of software supply chain attacks include:

- Cybercriminals injecting malicious code into third-party libraries that companies use to build applications.
- Cybercriminals compromising a legitimate and trusted application that organizations use as part of their tech stacks.
- Cybercriminals successfully targeting software updates or update servers, which would then compromise the end user. SolarWinds is a worst-case example of this.

The SolarWinds hack demonstrates what happens when malicious actors gain a foothold within the company network of your suppliers. The attackers were able to change the code making up one of the DLLs packaged with the software. It went through the build process and was signed with a legitimate certificate.

Two examples of how software supply chain attacks lead to breaches are the Ticketmaster and British Airways attacks in 2018.