Keysight Connect #5: Supply Chain Attacks

2021-03-31  |  4 min read 

Cyberattacks have significantly increased during the pandemic, making IT security one of the leading concerns of many organizations, especially since the majority of them are using software from third-party providers. 

Taking this into consideration, we’ve dedicated the whole 5th Keysight Connect meetup to this topic, with the purpose of raising awareness among companies and help them protect themselves from any vicious attacks. 

Our Keysight Connect meetup is a series of tech events where software engineers showcase their findings and side projects linked to computer networks, testing tools, and cybersecurity.

The 5th edition brought us two researchers within Keysight’s Application and Threat Intelligence Research Center, Simona David and Radu-Emanuel Chiscariu, who shared with the audience their insights on supply chain attacks and what impact they have on companies. 

What Are Supply Chain Attacks?

For software solutions, the supply chain looks something like this: you start with an idea or a need that’s transposed into code (software) that you deliver to multiple end-users. A supply chain attack is a type of cyberattack that targets the most vulnerable links in the supply chain. 

A study by Symantec found that supply chain attacks are increasing threats, significantly growing year over year. 

These types of attacks are not tied to a specific industry. How they typically work is that cybercriminals install a rootkit or hardware-based spying components into the products and then use these components to extract sensitive information. To prevent potential damage from cybercriminals, experts recommend strict control of your organization’s supply network.

Examples of Supply Chain Attacks

  1. Operation SignSight - an attack carried against the Vietnam Government Certification Authority (VGCA)

     2. Operation StealthyTrident - an attack carried against Able Soft (Able Desktop) initially launched in 2017

     3. Operation Lazarus - an attack carried against the WIZVERA VeraPort application.

However, the most significant supply chain attack of 2020 was the Sunburst backdoor. 

The Sunburst Backdoor 

The nature of a supply chain attack is that cybercriminals go after trusted vendors and products instead of targeting end-users directly. What made the Sunburst backdoor a particularly vicious attack were the number and the nature of the companies affected. Some of them include:

  • Cisco
  • SAP

  • Intel

  • Deloitte

  • Nvidia

  • Fujitsu

  • Lukoil

  • Rakuten

  • Optimizely.

Find out more details about these supply chain attacks in our Keysight Connect #5 video below 👇

 

*This video was recorded during a Keysight Technologies Romania online meetup. If you want to be notified about upcoming events, follow us on social media.