The US intelligence has warned supply chains about cyberattacks that they might face. Such economic deception could have involvement of Russia, China and Iran. Other than the software supply chain, other sectors could also be attacked putting sensitive data at risk of infiltration. America’s National Counterintelligence and Security Center published Foreign Economic Espionage Report. In 2017, events of 7 important software supply chains had been made public. Compared to that, only 4 similar incidents had reportedly taken place between 2014 and 2016. The matter of highest concern is the exploitation of computer networks using privileged access of technology providers. William Evanina of NCSC said that such attacks pose serious threats to national security and trade secrets.
Various attacks have been highlighted by the report like the spreading of a booby-trapped version of a computer cleaning software called CCleaner which was brought to light last September. This was done by putting in malicious codes into the program and taking advantage of the access that the program enjoyed. Out of the millions of machines infected, around 18 companies, including Asus, Intel, Samsung, Fujitsu, O2 and VMware, were specifically targeted by the hackers. Other than stealing information, such espionage also makes way for disruptive effects. Targeting of Ukraine in the NotPetya attack is one such instance of attack on software supply chain. The hackers, possibly Russian, used accountancy software for filing of tax returns. There were damages worth millions as several other countries doing business with Ukraine were pulled into the attack via machines used. Cyberattacks have the potential to affect several machines through a single compromised machine and are more difficult to detect as compared to traditional malware attacks. Another instance is attack on South Korean firm Netsarang which in turn affected many other sectors like energy, pharmaceutical, financial, telecom, manufacturing and transport. Discussion also took place on Kingslayer. It was said in the report that one defense contractor of the US had been compromised.
Cyber-security company named Crowdstrike published its reports last week. It said that 2/3 of organizations that responded had faced cyberattacks in the past year. One cyber-attack on an average costs above $1.1m. The report stated that companies with links to China and Russia could be risky, and hence products of Kaspersky Lab were asked to be removed by Homeland Security from the US federal departments and agencies. The Russian company has however denied being involved in any sort of espionage.