CISA Issues Supply Chain Compromise Alert
The Cybersecurity and Infrastructure Security Agency (CISA) recently issued an alert regarding an advanced persistent threat (APT) compromising government agencies, critical infrastructures, and private sector organizations.
According to CISA, the APT actor is responsible for compromising the SolarWinds Orion supply chain and for abusing commonly used authentication mechanisms. The agency urged organizations to make identifying and addressing such threats a priority.
Under Presidential Policy Directive (PPD) 41, the agency, together with the Federal Bureau of Investigation (FBI) and the Office of the Director of National Intelligence (ODNI), formed a Cyber Unified Coordination Group (UCG). This group aims to coordinate a "whole-of-government" response to the above-mentioned cyber incident. A UCG is also formed to integrate private sector partners into incident response efforts.
In general, a Cyber UCG is created when a significant cyber incident affects critical infrastructure owners and operators. These are owners and operators determined by the Secretary of Homeland Security to possess or operate critical infrastructure for which a cyber incident could have a catastrophic regional or national effect on national security, economic security, or public health.
Supply chain attacks carry considerable risk and can have real-world impact. In a Trend Micro report titled “Critical Infrastructures Exposed and at Risk: Energy and Water Industries”, researchers exposed vulnerabilities in the human-machine interfaces (HMIs) used by critical water and energy organizations. They also showed the real-world implications of these vulnerabilities.
Geopolitical risk is also a major concern in securing supply chains. To mitigate it, organizations must think globally and make an effort to follow the codes of local culture. They also need a deeper understanding of regional and national policies to ensure the safety of the supply chain.
Read our three-part series on smart factories from the perspective of supply chain disruptions to learn more about supply chain cybersecurity.