Hackers target business supply chains

Source: Vsoftsystems, 06/06/2018


NCSC: Attackers compromised channel providers' software updates in
2017

Hackers are targeting supply chain firms to gain access to
commercially sensitive data from them and their customers, according
to the UK's National Cyber Security Centre (NCSC).

A large number of managed service providers (MSPs) were subject to
such cyber attacks in 2017, according to the joint report by the
National Cyber Security Centre (NCSC) and the National Crime Agency
(NCA), which warned channel partners and their customers to take
steps to defend against similar attacks this year.

The report, titled 'The cyber threat to UK businesses 2017-2018',
explained how such attacks, including the compromise of a large
number of MSPs, are normally designed to breach confidentiality and
integrity, but may also be designed to affect availability, through
methods such as supplying defective equipment.

Further opportunities for threat actors to interfere with the supply
chain may also be afforded by inserting bugs into hardware and
software updates for contracts where partners are responsible for the
ongoing servicing of hardware or software.

The report warned: 'When done well, supply chain compromises are
extremely difficult (and sometimes impossible) to detect.

'Network monitoring can detect unusual or suspicious behaviour, but
it is still difficult to ascertain whether a security flaw has been
deliberately introduced (possibly as a backdoor) or results from a
careless error on the part of developers or manufacturers - or indeed
to prove that any potential access has been exploited. Services of
almost any sort can be affected, particularly if they involve
electronic connectivity or data import.'

Significant examples cited include two software companies, MeDoc and
CCleaner, which were compromised at source, leading to their
customers being infected with malware when downloading the software
or any updates.

The report also recommended a series of measures that businesses and
supply chain partners should take to mitigate the risk of such
hacking.

It recommends understanding what needs to be protected and why, as
well as understanding the security risk, setting minimum security
requirements for partners and raising awareness of security within
the supply chain, as well as advising partners to meet their security
responsibilities and offer support for security incidents.

UK businesses' cyber threat risk is 'bigger than ever', the NCSC
said, and the report revealed there had been 34 significant attacks -
defined as attacks that require a cross-government response - between
October 2016 and the end of 2017, with 762 less severe attacks across
this period.

Other major incidents comprised ransomware and distributed denial of
service (DDoS) attacks, massive data breaches, as well as fake news
and information operations, while the report also threw the spotlight
on emerging threats such as crypto-jacking.

Verizon also released its 11th annual Data Breach Investigations
Report today, which highlighted ransomware as the most commonly-seen
form of malware over the course of 2017, up from fourth place the
previous year, with ransomware infections increasingly affecting
business-critical systems rather than just desktops.

This, however, is in contrast with Malwarebytes' latest quarterly
cybercrime report, which outlined that while ransomware detections
were up 28% between January

