NS SolarWinds Attack It continues to make ripples throughout the world of cybersecurity. For beginners, this form of cyberattack is like a gradual spread of poison, and its fallout has proven to be massive.Beginning with state (US) security concerns that Russia may have been involved, President Biden Executive order A similar effort was subsequently made by the UK Government to improve the country’s cybersecurity.
Whether or not it’s a country-sponsored venture, the attack was a big awakening call and spotlighted software supply chain attacks. This is especially important given that threat actors have quickly adapted this same approach to other supply chains.
Indeed, it seems that they may have found the Holy Grail by targeting companies with a strong web presence. Therefore, in 2021, one of the leading attack vectors growing, the “Web Supply Chain Attack”, emerged.
In these hot spaces, companies sought to reduce product development time by relying on peer-reviewed third-party modules rather than developing all the code in-house. As a result, the use of third-party code has become the norm for web development.
Meanwhile, the web has become more valuable and complex. Static websites have turned into dynamic pages, culminating in today’s full-fledged digital services such as online banking, e-commerce, and streaming. This rapid change was also driven by the expansion of the supply chain of digital services for marketing, UX, and business tools. Instead of implementing their own chatbots, analytics, or CRM tools, companies purchased these services from third parties and integrated them directly into their websites.
So it’s no wonder that more than two-thirds of all the code running on the average website today comes from a third party. And here comes the security concern. In the context of your website, every piece of third-party code has exactly the same permissions as the rest of the code developed internally. Therefore, if the chatbot tool suddenly decides to start acquiring the shopper’s credit card information and leaking it to the e-commerce site, it cannot be stopped. This is the essence of web supply chain attacks. It breaks into third-party service providers, injects malicious code into real services, and as a result spreads to all websites that use it.
Not only are companies out of control of this, they also have no real control over these attacks.So the attack is Mage cart In many cases, they will continue to work for months.
UK National Cyber Security Center It provides some useful advice on assessing supply chain security and supply chain management practices. In fact, they provide information on a set of 12 principles designed to help organizations establish effective management and monitoring of their supply chains. This is a good starting point, but to deal with web supply chain attacks, you need to dig deeper into the usage of third-party code.
The third party code remains the same. Built into the core fabric of web development, it is one of the most valuable assets for competitive product development. However, it is possible to mitigate the risks inherent in externally sourced code if companies learn how to securely integrate their code. This allows security and development teams to reduce code dependencies as much as possible and provide visibility into all code behavior (that is, everything that happens in the browser or end) that runs on the client side of the website. And you need to implement a technology that provides control. -User device).
This is important for enterprises to regain control of their web supply chain. Also, to maximize the level of security, enterprises should continually enforce security at run time and monitor all user sessions for signs of malicious behavior.
This supports the idea behind it DevSecOps – A true paradigm shift in the software industry that seeks to robustly integrate security into modern app development and deployment. As part of its global push towards a safer supply chain, DevSecOps can instill security controls throughout the software development life cycle. These practices certainly help companies regain the visibility and control of their website supply chains that they have already touched upon.
SolarWinds’ supply chain attacks have certainly ruffled many important wings. On the contrary, it has provided global awareness and the first signs of action against what could be one of the major cyber threats of the decade. Today we are at an important time to prevent these attacks, but otherwise the costs are too high to ignore.
Spillover: Why supply chain attack protection is essential
https://www.helpnetsecurity.com/2021/12/01/supply-chain-attacks-protection/ Spillover: Why supply chain attack protection is essential