Cyber hackers targeting software supply chains, says report

By James Henderson
Cyber hackers are "clearly targeting software supply chains" to achieve a range of potential effects to include cyber espionage, organisational disrupti...

Cyber hackers are "clearly targeting software supply chains" to achieve a range of potential effects to include cyber espionage, organisational disruption, or demonstrable financial impact.

That's the verdict of the 2018 Foreign Economic Espionage in Cyberspace report, which said last year represented a watershed in the reporting of software supply chain operations.

In 2017, seven significant events were reported in the public domain compared to only four between 2014 and 2016. As the number of events grows, so too are the potential impacts.

Large-scale events in 2017 included the following:

• Floxif infected 2.2 million worldwide CCleaner customers with a backdoor. The hackers specifically targeted 18 companies and infected 40 computers to conduct espionage to gain access to Samsung, Sony, Asus, Intel, VMWare, O2, Singtel, Gauselmann, Dyn, Chunghwa and Fujitsu.

• Hackers corrupted software distributed by the South Korea-based firm Netsarang, which sells enterprise and network management tools. The backdoor enabled downloading of further malware or theft of information from hundreds of companies in energy, financial services, manufacturing, pharmaceuticals, telecommunications, and transportation industries.

• A tweaked version of M.E. Doc was infected with a backdoor to permit the delivery of software from the Ukrainian accounting firm a destructive payload

disguised as ransomware. This attack, which was attributed to Russia, paralyzed networks worldwide, shutting down or affecting operations of banks, companies, transportation, and utilities. The cost of this attack to FedEx and Maersk was approximately $300 million each. 

• A malware operation dubbed Kingslayer, targeted system administrator accounts associated with U.S. firms to steal credentials in order to breach the system and replace the legitimate application and updates with a malware version containing an embedded backdoor. Although it is not known which and how many firms were ultimately infected, at least one U.S. defence contractor was targeted and compromised.

The report said foreign intelligence services from China, Russia and Iran are the leading sources of cyberthreats targeting economic espionage, and that emerging technologies such as artificial intelligence and the Internet of Things will introduce new attack threats for which U.S. networks are not prepared.

Share

Featured Articles

P&SC LIVE New York 2024 Virutal - SAVE THE DATE

Don’t miss out on your chance to attend Procurement & Supply Chain LIVE New York in 2024 Virtually, 5-6 June

Charities & NGOs Submit to The Global P&SC Awards for FREE

The Global Procurement & Supply Chain Awards hosted at P&SC LIVE London Sept 2024 welcomes charities and NGOs to submit for FREE

Procurement & Supply Chain LIVE: 2024 Dates to Remember

Don’t miss out on your chance to network with peers and leading global C-suite executives from the procurement and supply chain industry

Gartner Unveils Top Supply Chain Technology Trends for 2024

Technology

What the Latest CSDDD Milestone Means for Supply Chains

Sustainability

Aniebo Etudor from Baker Hughes to speak at P&SC LIVE Dubai

Digital Supply Chain