|
The purpose of a supply chain attack is to run malicious code on
•networks that are otherwise difficult to penetrate •rapidly infect a potentially large number of users/networks |
This can be accomplished by hiding the malware in a legitimate software product. What is dangerous about a supply chain attack, is that it can potentially infect a large number of networks (which depends on the install base of the infected software product) while at the same time being difficult to detect if the malware manages to blend in with the legitimate software product.
Attackers can use a variety of methods to infiltrate a sotware product:
•Compromise the build environment & inject malicious code
•Manipulate dependencies (e.g. libraries)
•Compromise the build process
•Compromise the software distribution (e.g. download web site)
Software vendors are at risk for supply chain attacks, and need to take measures to prevent or at least detect these types of attacks.
