An effective software supply chain attack is pure gold to a cybercriminal. It allows them to attack one company, and then use that company to spread the attack to all its customers. The impact of such attacks can have a global reach, as seen with WannaCry and Sunburst.
In this podcast, Enterprise Times spoke with Ryan Olson, Vice President, Threat Intelligence, Unit 42, Palo Alto Networks and Scott Dally, Director of Security Operations Centre US at NTT Ltd about supply chain attacks. ET asked them what this type of attack meant.
But should software supply chain attacks be possible? Are vendors doing enough to protect their code and distribution channels? Olson points out that in the case of SolarWinds the company itself was compromised. It is believed that this allowed the attackers to corrupt the build process and insert their malware into the SolarWinds update process.
One of the concerns over this type of attack is its impact on trust between businesses and software vendors. Dally remarks that there is an inherent trust between vendors and their customers. The customer trusts that the software will do them no harm. He says: “That’s the lynchpin of why supply chain attacks are so damaging.”
Post-WannaCry there was a temptation to turn off auto-update features. It was, thankfully, just a temporary blip as people realised the importance of auto-update. With zero-day attacks on the rise, let’s hope that SolarWinds Sunburst does not cause a repeat of that behaviour.
This is a wide-ranging podcast that talks about trust, network policies, best practices and code signing.
To hear what Olson and Dally had to say, listen to the podcast.
Where can I get it?
You can listen to the podcast by clicking on the player below. Alternatively, click on any of the podcast services below and go to the Enterprise Times podcast page.