Visible to the public Biblio

Filters: Keyword is critical infrastructure  [Clear All Filters]
2021-10-26
[Anonymous].  2021.  Supply Chain Compromise.

CISA is tracking a significant cyber incident impacting enterprise networks across federal, state, and local governments, as well as critical infrastructure entities and other private sector organizations. An advanced persistent threat (APT) actor is responsible for compromising the SolarWinds Orion software supply chain, as well as widespread abuse of commonly used authentication mechanisms. This threat actor has the resources, patience, and expertise to gain access to and privileges over highly sensitive information if left unchecked. CISA urges organizations to prioritize measures to identify and address this threat.

Matthew Scholl.  2021.  SolarWinds and Beyond: Improving the Cybersecurity of Software Supply Chains.

Our economy is increasingly global, complex, and interconnected. It is characterized by rapid advances in information technology. IT products and services need to provide sufficient levels of cybersecurity and resilience. The timely availability of international cybersecurity standards and guidance is a dynamic and critical component for the cybersecurity and resilience of all information and communications systems and supporting infrastructures.

[Anonymous].  2019.  NCSC SCRM Best Practices.

Supply chain exploitation, especially when executed in concert with cyber intrusions, malicious insiders, and economic espionage, threatens the integrity of key U.S. economic, critical infrastructure, and research/development sectors.

[Anonymous].  2021.  America's Supply Chains. 86(38):1-6.

The United States needs resilient, diverse, and secure supply chains to ensure our economic prosperity and national security. Pandemics and other biological threats, cyber-attacks, climate shocks and extreme weather events, terrorist attacks, geopolitical and economic competition, and other conditions can reduce critical manufacturing capacity and the availability and integrity of critical goods, products, and services.

[Anonymous].  2019.  EO 13873 Securing the Information and Communications Technology and Services Supply Chain. 84(96):1-4.

Foreign adversaries are increasingly creating and exploiting vulnerabilities in information and communications technology and services, which store and communicate vast amounts of sensitive information, facilitate the digital economy, and support critical infrastructure and vital emergency services, in order to commit malicious cyber-enabled actions, including eco- nomic and industrial espionage against the United States and its people.