Insights from Supply Chain Attack Investigations

Costin G. Raiu & Vitaly Kamluk

Supply chain attacks are becoming some of the least expected and hardest to discover threats in the modern world. Because they often employ valid digital signatures and capitalize on the reputation of established vendors, many security controls and mechanisms fail to prevent them from injecting malicious code into vast numbers of victim computers. Researchers have uncovered multiple compromises using the supply chain attack vector this year. This presentation will share insights from the researchers' investigations and send a message to software developers about the supply chain threats they need to be concerned about.

* supply chain attacks – famous cases, including ShadowPad, CCleaner
* connections with the Barium APT group
* the ShadowHammer case
* supply chain attacks against the gaming industry
* attacks against software developers, trojanized development tools
* ShadowHammer-related attacks and other Barium operations