Visible to the public Biblio

Filters: Author is Thomas Wills  [Clear All Filters]
2021-10-27
Peter Champion, Rachel Bruenjes, Michael Cohen, Jade Freeman, Ryne Graf, Moh Kilani, Caroline O'Leary, Christopher Pashley, John Ryan, Genevieve Shannon et al..  2018.  Cyber Resilience and Response. :1-45.

Another risk posed by the limited number of available vendors is the threat of supply chain attacks. According to researchers at CrowdStrike on June 27, 2017 the destructive malware known as NotPetya was deployed using a legitimate software package employed by organizations operating in Ukraine. The attack used an update mechanism built into the software to provide updates and distribute them to the vendor’s customers. This same mechanism had been used a month earlier to deploy other ransomware attacks. Supply chain attacks exploit a trust relationship between software or hardware vendors and their customers. These attacks can be widespread targeting the entire trusted vendor’s customer base and are growing in frequency as well as sophistication.

2021-10-26
Peter Champion, Rachel Bruenjes, Michael Cohen, Jade Freeman, Ryne Graf, Moh Kilani, Caroline O'Leary, Christopher Pashley, John Ryan, Genevieve Shannon et al..  2018.  Cyber Resilience and Response. 2018 Public-Private Analytic Exchange Program. :1-45.
Another risk posed by the limited number of available vendors is the threat of supply chain attacks. According to researchers at CrowdStrike on June 27, 2017 the destructive malware known as NotPetya was deployed using a legitimate software package employed by organizations operating in Ukraine. The attack used an update mechanism built into the software to provide updates and distribute them to the vendor’s customers. This same mechanism had been used a month earlier to deploy other ransomware attacks. Supply chain attacks exploit a trust relationship between software or hardware vendors and their customers. These attacks can be widespread targeting the entire trusted vendor’s customer base and are growing in frequency as well as sophistication.