Open-Source Tools Fuel Surge in Supply Chain Attacks, New Report Reveals
A surge in software supply chain attacks has been fueled by the widespread use of open-source code and legitimate hacking tools, according to a report by ReversingLabs. The cybersecurity company highlights the rising popularity of a once-rare and intricate form of attack, attributing the increase to cybercriminals' growing proficiency in executing software supply chain compromises.
In a software supply chain attack, attackers compromise a single piece of third-party software and use it to reach the customer data or internal networks of every organization that depends on it. Thousands of major consumer brands were exposed to such attacks last year, and targeting has continued this year through newly discovered flaws in products from Citrix and Ivanti.
Nation-state hacking groups favor these attacks because they are harder for victim organizations to detect: the malicious code arrives through a trusted vendor or update channel rather than through a direct intrusion.
A significant development noted in the report is the emergence of cybercriminal groups that actively build tools and share tradecraft, lowering the barrier to entry for software supply chain attacks. The open exchange of tools and resources among attackers is what drives this shift in tactics.
Key Findings:
- A 28% increase in the number of malicious packages across three major open-source repositories was observed in the first nine months of 2023 compared to the same period in 2022.
- At least five new techniques were identified that attackers used to evade detection by basic network monitoring tools.
- Malicious packages included code that obfuscated or encrypted the attacker's activity, and carried payloads capable of opening backdoors into company networks, deploying infostealer malware, delivering trojans, and more.
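The report's third finding, obfuscated or encrypted code hidden in packages, is easiest to understand with a concrete pattern: a `setup.py` that registers an install-time hook which decodes a base64 blob and hands it to `exec()`. The following is an added example, not code from ReversingLabs or from any real package; both `setup.py` samples are constructed here, the "payload" is a harmless string assignment, and the detection rules are simple heuristics chosen for illustration. It parses the file with Python's `ast` module rather than running it, so it can be pointed at untrusted packages safely.

```python
import ast
import base64
import re

# Constructed sample: an ordinary setup.py with nothing to flag.
BENIGN_SETUP = '''
from setuptools import setup
setup(name="demo-util", version="1.0.0", packages=["demo_util"])
'''

# Constructed sample of the decode-and-exec pattern. The payload is harmless
# (it only assigns a variable); the shape is what matters, not the contents.
PAYLOAD = base64.b64encode(
    b"import platform\nmarker = 'payload-ran on ' + platform.system()"
).decode()
MALICIOUS_SETUP = f'''
import base64
from setuptools import setup
from setuptools.command.install import install

class PostInstall(install):
    def run(self):
        install.run(self)
        exec(base64.b64decode("{PAYLOAD}"))

setup(name="demo-util", version="1.0.1", cmdclass={{"install": PostInstall}})
'''

# Heuristic: a string literal of 40+ base64 alphabet characters is unusual in
# packaging metadata and worth a look.
B64_BLOB = re.compile(r"^[A-Za-z0-9+/]{40,}={0,2}$")

# setuptools command classes that run code during installation.
INSTALL_HOOK_BASES = {"install", "develop", "egg_info"}


def _is_decoder_call(node):
    """True for calls such as base64.b64decode(...) or codecs.decode(...)."""
    func = node.func
    if isinstance(func, ast.Attribute):
        return func.attr in {"b64decode", "b32decode", "b16decode", "decode", "unhexlify"}
    return False


def scan_setup_py(source):
    """Statically scan setup.py source; return (line, finding) tuples.

    The file is parsed, never imported or executed.
    """
    findings = []
    for node in ast.walk(ast.parse(source)):
        # exec()/eval() whose argument is itself a decode call: decode-and-run.
        if (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
                and node.func.id in {"exec", "eval"}):
            if node.args and isinstance(node.args[0], ast.Call) and _is_decoder_call(node.args[0]):
                findings.append((node.lineno, "exec/eval of decoded payload"))
            else:
                findings.append((node.lineno, "dynamic code execution (exec/eval)"))
        # Long base64-looking literal: the encoded payload itself.
        if isinstance(node, ast.Constant) and isinstance(node.value, str) and B64_BLOB.match(node.value):
            findings.append((node.lineno, "long base64-like literal"))
        # Subclass of a setuptools command: code that runs at install time.
        if isinstance(node, ast.ClassDef):
            for base in node.bases:
                name = base.attr if isinstance(base, ast.Attribute) else getattr(base, "id", "")
                if name in INSTALL_HOOK_BASES:
                    findings.append((node.lineno, f"custom {name} command (install-time hook)"))
    return findings


def is_suspicious(source):
    """Convenience wrapper: any finding at all marks the file for review."""
    return bool(scan_setup_py(source))


if __name__ == "__main__":
    for label, src in (("benign", BENIGN_SETUP), ("malicious", MALICIOUS_SETUP)):
        print(label, scan_setup_py(src))
```

The benign sample produces no findings; the malicious one is flagged three times (the custom `install` command, the `exec` of a decoded argument, and the long base64 literal). Each rule alone is a weak signal, since legitimate packages do occasionally subclass `install` or embed encoded data, so in practice these heuristics belong in a triage queue feeding human or sandbox review rather than an automatic block.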
As adversaries adapt, the surge in supply chain attacks driven by open-source tooling shows how quickly the threat picture can change. The cat-and-mouse game between defenders and attackers saw a series of pivots in 2023, and detection tooling will have to keep pace with each new evasion technique.
ReversingLabs' findings point to a democratization of the threat: cybercriminal groups collaborate openly, lowering the entry barrier for sophisticated software supply chain attacks. As the risk to companies grows, the case for rigorous technology audits, continuous scanning of the code and packages they depend on, and government involvement in shaping software supply chain guidance becomes stronger.
The GRC Report is the first word in governance, risk, and compliance news.