By: Sheng-Feng Huang
Vital Ways to Prevent a Cyberattack
In mid-December last year, SolarWinds, a company specializing in IT management solutions, was at the center of a software supply chain attack. Not only did attackers damage SolarWinds’ software development environment and code signing infrastructure, but they also implanted malicious backdoors around the world. The attackers released fake software patches to clients via SolarWinds’ software control and construction system, which proliferated backdoor programs and exposed confidential information. The US saw the incident as a national-level attack impacting Fortune 500 companies and government organizations. Undoubtedly, the impact and implications are huge.
According to information security experts, the attack was a multi-step act. A mishap at the beginning of the attack played a crucial role. Developers at SolarWinds accidentally leaked FTP credentials on GitHub in plain text, which allowed the attackers to use compression and Base64 coding to conceal the backdoor code. The code went undetected, even by professional developers.
Furthermore, the hackers embedded malicious source code in the version control system and obtained related certificates and secret keys. These crucial items enabled attackers to invade the development environment and code signing infrastructure. After entering customer networks, the hackers evaded firewalls and security controls in their environments.
In the case of SolarWinds, protecting the software supply chain and reducing the risks from these types of attacks is generally impossible. Even so, the careful development of security specifications, procedures, and detection tools can lower the risks. The following steps can help prevent software supply chain attacks…