Supply Chain Attacks
(OBJ 2.2 & 5.3)
Supply Chain Attacks
- An attack that targets a weaker link in the supply chain to gain access to a primary target
- Exploit vulnerabilities in suppliers or service providers to access more secure systems
- Examples:
  - Chip Washing: Involves repackaging a microchip so that its contents are replaced with a less expensive chip or one that contains embedded malware.
    - At worst, you install a network router that you thought you could trust, but it actually has a counterfeit chip inside it that turns your own network hardware against you and gives a threat actor an always-on backdoor into your network.
  - Rootkit embedding: Embedding of rootkits within devices by your overseas suppliers.
    - These pre-installed malware tools can provide undetectable backdoor access to the network once the device is active.
- Conducting a good vendor assessment is important!
SolarWinds example (software supply chain attack)
- During the attack, cyber criminals infiltrated the SolarWinds Orion software update system and used it to distribute their own malware to the company's wide range of clients, including governments across the world!
- Goal: Not to infiltrate a single target, but to compromise the networks of thousands of organizations, including U.S. government agencies.
CHIPS Act of 2022
- Also known as the CHIPS and Science Act of 2022
- U.S. federal statute providing funding ($280 billion) to boost semiconductor research and manufacturing in the U.S.
- Aims to reduce reliance on foreign-made semiconductors, strengthen the domestic supply chain, and enhance security
- Semiconductors
  - Essential components in a wide range of products, from smartphones and cars to medical devices and defense systems like missile systems and airplanes.
- Makes the domestic supply chain more resilient to disruptions (which are fatal)
- "Minimizes supply chain risks"
Safeguarding Against Supply Chain Attacks
- Vendor Due Diligence
  - Rigorous evaluation of vendor cybersecurity and supply chain practices
  - Understanding the vendor's cybersecurity posture and also their own supply chain management and security practices
- Regular Monitoring & Audits
  - Continuous monitoring and periodic audits of supply chains to detect suspicious activities
  - Gives you an early detection mechanism for any suspicious activities or vulnerabilities.
- Education and Collaboration
  - Sharing threat information and best practices within the industry
  - Collaborating with organizations and industry groups for joint defense
  - Industry as a whole is more protected.
- Incorporating Contractual Safeguards
  - Embedding cybersecurity clauses in contracts with suppliers or service providers
  - Ensuring adherence to security standards with legal repercussions for non-compliance