Over the past few years, this trend has been increasing. The majority of attacks aim at software distribution channels. Most software supply chain attacks have been linked to Chinese-speaking hackers. Known perpetrators of these attacks include Barium, sometimes known as Wicked Panda, ShadowHammer or ShadowPad. Successful supply chain attacks lead to a huge number of victims because this kind of attack is hard to discover. The attackers simply plant malicious lines of code in trusted programs such as CCleaner, which unsuspecting users then download. This hacking technique has proven to be a challenge to researchers because it exploits the gaps in the software trust models that govern code on machines. In short, supply chain attacks take advantage of trusted software mechanisms and end up with thousands of unsuspecting victims.
Although more than six companies, including ASUS, have been affected by this type of attack, the hackers seem to concentrate on spying as opposed to destruction. However, although there are few or no instances of destruction, the increasing number of supply chain attacks over the years has not only undermined integrity and trust in software and different brands but has also led to the concern that destruction may be in the offing. This could have much more impact than other traditional forms of attack such as phishing, as people may end up losing trust in legitimate software, apps, updates and vendors. Since no one builds all technology from scratch, almost every company uses outside software and hardware, and there is considerable risk attached to this. The supply chain may be corrupted, leading to massive losses and casualties.
Although security companies such as ESET and Kaspersky have successfully identified the attack, it is the future of these attacks that’s worrying. For instance, the attacks conducted by the likes of Barium are becoming more advanced and stealthier than before. In the case of an attack carried out on ASUS, for example, the attacker disabled command-and-control server communication on the target, making it hard for defenders to find the attacker. In some instances, attackers are now capable of hiding one supply chain attack within another, making the whole thing highly complex. This suggests a constant evolution in the methods of attack and the growing sophistication of supply chain hackers. As time goes by, it becomes harder for cybersecurity professionals to discover hacking activity and catch hackers.
As threats to the supply chain continue to increase and hackers keep getting more skilled, every piece of software or device purchased, application downloaded or update installed needs to be thoroughly vetted and monitored for possible security risks. Accordingly, all patches need to be up to date to protect systems from corruption.