
Hacks – Examples of major Supply Chain attacks

Supply chain attacks occur when a third-party provider of software or hardware is compromised and attackers use that foothold to infiltrate the provider's customers. A prevalent example of this is the SolarWinds attack. The SolarWinds (SW) attack took advantage of SW's Orion product, a network management system: attackers leveraged it to deploy malware to customers in the form of an update originating from a SW server. This goes to show that some attackers are eyeing bigger fish because of the leverage they hold.

Another major example of this type of attack is 'NotPetya'. This was developed by Russian hackers and crippled major shipping company Maersk. Russian hackers were able to infiltrate the Ukrainian government and many companies to deploy this malware. The malware ended up being deployed in the Ukrainian power grid, which attackers consequently used to shut down power during the winter, and it was also deployed to many Ukrainian companies, resulting in major data loss. The primary target for attackers was 'Linkos Group', a small software company in Ukraine that distributed its products to nearly every business in the country. When the Russian hacker group 'Sandworm' infiltrated this company, they used the same method to infect these companies with the malware: an update that gave them backdoor access to these companies' IT infrastructure.

Through those examples we can see an emerging pattern. Attackers are extremely patient, diligent and resourceful individuals who are willing to conduct extensive reconnaissance of a target before developing a plan of attack. By doing this, they are able to identify key targets they can rely on to distribute their malware to unsuspecting customers who trust the provider. They do this to increase their attack surface and make the attack more effective and efficient: the outcome is a higher reward for 'less' effort. From here, they are able to take a benign task like updating your software and turn it into a distribution method that no one suspects or usually checks.

As a result, it is important to think about and analyse every aspect of your IT infrastructure, from who is providing the IT products to how they are configured, as attackers aren't just targeting companies or individuals; they are targeting the major providers instead.
