Copycat copy and length ban on supply chain security in 2022

1641053670 Copycat copy and length ban on supply chain security in

Replica attacks and a low barrier to entry will ensure the rate of supply chain attacks increases next year, cybersecurity researchers have warned.

ZDNet recommends

The best security key 2022

While strong passwords go a long way in securing your valuable online accounts, hardware-based two-factor authentication takes that security to the next level.

Read More

The supply chain is a constant attack vector for threatening actors today. By damaging a centralized service, platform or software, attackers can then infiltrate a wide range of original victim customers and messengers - single or they can choose to choose from the most valuable targets.

This can save time and money for cybercriminals, as one successful attack can open the door to thousands of potential victims at once.

A ransomware attack filed against Kaseya in 2022 highlighted the unrest that a supply chain - based attack could cause. Ransomware was exploited by exploiting vulnerabilities in Kaseya’s VSA software, leading to a multi-service-led (MSP) -based compromise in Kaseya’s customer base.

However, only a small number of businesses were affected by this. One of the most powerful examples in recent years is the SolarWinds breach, in which a malicious software update was sent to approximately 18,000 clients.

The attackers behind the harassment then selected a handful of high-profile customers to further compromise, including several U.S. government agencies, Microsoft, and FireEye.

In a recent study of 24 recent software supply chain attacks, including those investigated by Codecov, Kaseya, SolarWinds, and Mimecast, the European Union Organization for Cybersecurity (ENISA) said that the design stage and the implementation of supply chain attacks are usually complex - but the chosen attack methods are infrequent.

Supply chain attacks can be carried out by exploiting software vulnerabilities; malware, phishing, stolen credentials, employee certificates & accounts, vulnerable open source components, and firmware blocking, among other vectors.

But what can we expect from supply chain security in 2022?

Low barriers to entry

Talking to ZDNet, Ilkka Turunen, Field CTO of Sonatype, said that malicious software supply chain activity is likely to increase in 2022 due to low inhibition of intrusive attack methods, such as dependency disruption - which is a means of attack "to good repetition ".

"It's not good to use if the actor's goal is to influence as many organizations as possible," Turunen said. this is on their software ecosystem, but the actor has now made money. "

Brian Fox, CTO of the enterprise software company, said most copywriters today are copycats, and that "long-range" - or, 'attack of the day' attacks are being carried out. with fast-paced threat actors - set to increase the number of supply chain submissions next year.


Read on: Technology and the global supply chain Supply chain security is worse than we think 91% of IT leaders affected by supply chain disruption: study |


Increases attacks while redefining the margin

In a world of Internet of Things (IoT) devices, old security models, working from home orders, hybrid / on-prem cloud deployment, and complex digital supply chains are no longer suitable.

According to CSO Sumo Logic George Gerchow, campaign players are "still struggling" with the idea that they do not have a specific defensive margin. As they push forward with digital transformation projects, they do not account for the expanded attack surface that new apps and services can create.

"CISOs and IT security teams do not yet have a chair at the table, and security is still being promoted as the final step in the process. In the next year, the leadership teams of organizations will begin to awaken this. Governing bodies are becoming more aware of security because of the hype surrounding ransomware and hate, which makes them care about security issues. "

Companies that are now increasingly reliant on components, platforms and services delivered at different levels of supply chain need to awaken to this reality, and as a result, security is required. explore - and consolidate - bringing in outside its own business networks.

READ  Could being really cold be good for you?

Ransomware events will increase

Ransomware is now one of the most lucrative aspects of the cybercriminal world, with high illegal payments being made and as a result of the hacking tactics being used, including perpetual encryption and threat release sensitive information.

With the highest blackout payment made in 2022 of $ 40 million, ransomware is likely to start making more of an impression in supply chain attacks.

However, these do require design, experience, and a bit of skill - so Splunk security strategist Ryan Kovar believes that cybercriminals on the road to becoming "professional" may be the ones who devise ransomware and supply chain attack vectors.

“By attacking the supply chain, attackers can keep group data for counterfeiting, and research shows that two-thirds of ransomware attacks are executed by level grifters low bought ransomware tools off the Dark Web, "Kovar says. "With the ongoing crisis in the supply chain leaving supply lines more vulnerable than ever, organizations need to prepare themselves for the instability of ransomware attacks on their supply chains."

Technical debts must be paid

As enterprise groups begin to explore the digital supply chain for vulnerable areas, they must also address their "technical debt" levels - explained by Stuart Taylor, CEO of Forcepoint X-Labs, as the difference between 'the' price 'a technical project should cost to ensure a secure and secure future, and the' price 'that an organization is willing to pay in two really. "

Forcepoint expects to see a "significant" increase in copcat attacks against the supply chain next year, so organizations are being urged to conduct frequent code reviews and keep security in mind during each phase of the development and deployment process. Taylor said:

"Software that is still in use cannot be ignored, with updates and parking discarded. That could not be an easier way for attackers to get caught. None of these are campaigns. but in contrast to the destruction that such software malware can cause in a supply chain, it is something that no organization can ignore. "

SBOMan

The lack of transparency regarding parts, software and security position of players within a supply chain is also a problem for retailers today.

Despite recent sexual assaults such as Solarwinds, Gary Robinson, CSO at Uleska, believes that over the next 12 months, more companies will need Security - oriented Materials Bill (SBOMs), which could be part of due diligence in the future supply of chain industry agreements.

SBOMs are software and affiliate investments designed to implement open transparency about the use of software in the enterprise. They may include supplier lists, licenses and security check verifications.

"Organizations will also move to an Ongoing Security Assurance where providers are required to provide up-to-date security reports," Robinson predicts. -dè. This security gap is directly related to the company's own security guarantee, and suppliers need to address it. "


Previous and related broadcast


Do you have a tip? Contact Securely via WhatsApp | Signal at +447713 025 499, or more on Keybase: charlie0


Related Posts

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Subir

We use cookies to ensure that we give the best user experience on our website. If you continue to use this site we will assume that you agree. More information