Supply chain attack

Security researchers assert that 'Nobelium' crafts spear-phishing email messages which get clicked on by unsuspecting users; the links then direct installation of malicious 'Nobelium' code to infect the users' systems, making them subject to ransom, espionage, disinformation, etc. The US government has identified 'Nobelium' as stemming from Russia's Federal Security Service. By July 2021 the US government is expected to name the initiator of the Exchange Server attacks: "China’s Ministry of State Security has been using criminal contract hackers".
), to gain federated authentication to Active Directory and similar services, at will. Once the attackers gain access, they are able to infiltrate any information or assets belonging to the organization. This is because this technique allows attackers to pose as any member of the targeted organization. These attacks are progressively becoming more desirable to malicious actors as companies and agencies continue to move assets to cloud services.
affected organizations use self-hosted e-mail (on-site rather than cloud-based) such as credit unions, town governments, and small businesses. The flaws were patched on 2 March 2021, but by 5 March 2021 only 10% of the compromised organizations had implemented the patch; the back door remains open. The US officials are attempting to notify the affected organizations which are smaller than the organizations that were affected in December 2020.
"To avoid potential damage to a financial institution’s bottom line, reputation, brand, and intellectual property, the executive team needs to take ownership of cyber risk. Specifically, they should collaborate up front to understand how the institution will defend against and respond to cyber risks, and what it will take to make their organization cyber resilient.
A malicious actor infected the source code of a software update with a backdoor code made to look legitimate. Customers began installing the faulty update to their systems, ultimately affecting over 18,000 individuals globally. The attack affected a number of United States government agencies and private sector agencies as well.
, a US network security company that provides automated threat forensics and dynamic malware protection against advanced cyber threats, such as advanced persistent threats and spear phishing, recommends firms to have certain principles in place to create resilience in their supply chain, which includes having:
and the Cyberspace Policy Review passed by the Bush and Obama administrations respectively, direct U.S. federal funding for development of multi-pronged approaches for global supply chain risk management. According to Adrian Davis of the Technology Innovation Management Review, securing organizations
Muhammad Ali Nasir of the National University of Emerging Sciences associates the above-mentioned risk with the wider trend of globalization, stating "…due to globalization, decentralization, and outsourcing of supply chains, numbers of exposure points have also increased because of the greater
Microsoft has updated its Indicators of Compromise tool and has released emergency mitigation measures for its Exchange Server flaws. The attacks on SolarWinds and Microsoft software are currently thought to be independent, as of March 2021. The Indicators of Compromise tool allows customers to scan
has issued Emergency Directive 21-01, "Mitigate SolarWinds Orion Code Compromise" which involves disconnecting any afflicted Windows host OS from its enterprise domain, and rebuilding those Windows hosts using trusted sources. The afflicted Windows operating system (OS) hosts were those monitored by
virus and subsequently downloaded by subscribers. The hack was carried out on the provider's system: either hacking the code itself at the provider, or a hack re-routing download requests to another server. Press reports at the time make it clear this was a supply chain attack, but the attack vector
supply warehouse, by drilling a hole in the roof and loading $80 million worth of prescription drugs into a truck, they could also have been said to carry out a supply chain attack. However, this article will discuss cyber attacks on physical supply networks that rely on technology; hence, a supply
In May 2021 Microsoft identified 3000 malicious emails to 150 organizations in 24 countries, that were launched by a group that Microsoft has denoted 'Nobelium'. Many of those emails were blocked before delivery. 'Nobelium' gained access to a Constant Contact "email marketing account used by the US
It is believed that cyber criminals infiltrated a third party supplier to gain access to Target's main data network. Although not officially confirmed, investigation officials suspect that the hackers first broke into Target's network on 15 November 2013 using passcode credentials stolen from Fazio
The threat of a supply chain attack poses a significant risk to modern day organizations and attacks are not solely limited to the information technology sector; supply chain attacks affect the oil industry, large retailers, the pharmaceutical sector and virtually any industry with a complex supply
Although supply chain attack is a broad term without a universally agreed upon definition, in reference to cyber-security, a supply chain attack can involve physically tampering with electronics (computers, ATMs, power systems, factory data networks) in order to install undetectable malware for the
was thought to have been subject to a supply chain attack due to detection of malicious activity on the software. The app is used in a wide variety of industries from food to automotive and an attack has the potential to impact hundreds of thousands of users worldwide. The malware infects the host
was itself a victim of the update software breach. Microsoft is now working with FireEye to contain the ongoing cyber attack contained in supply chain software used by "government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East" —FireEye.
globally, especially in Russia and Ukraine. GreenDispenser specifically gives attackers the ability to walk up to an infected ATM system and remove its cash vault. When installed, GreenDispenser may display an ‘out of service’ message on the ATM, but attackers with the right access credentials can
APTs can often gain access to sensitive information by physically tampering with the production of the product. In October 2008, European law-enforcement officials "uncovered a highly sophisticated credit-card fraud ring" that stole customers' account details by using untraceable devices inserted
The Information Security Forum explains that the risk derived from supply chain attacks is due to information sharing with suppliers; it states that "sharing information with suppliers is essential for the supply chain to function, yet it also creates risk... information compromised in the supply
The other types of malware usually behave in a similar fashion, capturing magnetic stripe data from the machine's memory storage and instructing the machines to withdraw cash. The attacks require a person with insider access, such as an ATM technician or anyone else with a key to the machine, to
None of the Microsoft repositories contained production credentials. The repositories were secured in December, and those attacks ceased in January. However, in March 2021 more than 20,000 US organizations were compromised through a back door that was installed via flaws in Exchange Server. The
practices in order to steal customer information through online payment processes. Approximately 380,000 customers had their personal and financial data compromised as a result of the attack. British Airways later reported in October, 2018 that an additional 185,000 customers may have had their
is, according to supply chain risk management expert Donal Walters, "the ability of the supply chain to cope with unexpected disturbances" and one of its characteristics is a company-wide recognition of where the supply chain is most susceptible to infiltration. Supply chain management plays a
exposed the vulnerability of the US's gasoline supply on the East coast. On 16 June 2021, President Biden warned President Putin that 16 types of infrastructure were to be off-limits to cyberattack, or else Russia would suffer in kind. A combination of supply-chain attack and ransomware attack
Volexity, a cybersecurity firm, has reconstructed the attack sequence on an unnamed US think tank: first, the attacker exploited a remote code execution vulnerability in an on-premise Microsoft Exchange server; after that vulnerability was remedied, the attacker exploited security holes in the
reported a connecting thread in recent software supply chain attacks, as of 3 May 2019. These have been surmised to have spread from infected, pirated, popular compilers posted on pirate websites. That is, corrupted versions of Apple's XCode and Microsoft Visual Studio. (In theory, alternating
The Tyupkin malware, active in March 2014 on more than 50 ATMs at banking institutions in Eastern Europe, is believed to have also spread at the time to the U.S., India, and China. The malware affects ATMs from major manufacturers running Microsoft Windows 32-bit operating systems. The malware
(APT) that determines a member of the supply network with the weakest cyber security in order to affect the target organization. According to an investigation produced by Verizon Enterprise, 92% of the cyber security incidents analyzed in their survey occurred among small firms.
"Mitigation strategies for advanced threats should include security policies and education, network security, comprehensive system administration and specialized security solutions, like... software patching features, application control, whitelisting and a default deny mode."
In September 2021 the Securities and Exchange Commission (SEC) enforcement staff have requested that any companies which have downloaded any compromised SolarWinds updates voluntarily turn over data to the SEC if they have installed the compromised updates on their servers.
Group, an American post-trade company, in its operations has implemented governance for vulnerability management throughout its supply chain and looks at IT security along the entire development lifecycle; this includes where software was coded and hardware manufactured.
A supply chain attack can occur in any industry, from the financial sector, oil industry, to a government sector. A supply chain attack can happen in software or hardware. Cybercriminals typically tamper with the manufacturing or distribution of a product by installing
In July 2022 SessionManager, a malicious module hosted by IIS (installed by default on Exchange Servers), was discovered to have infected Exchange Servers since March 2021; SessionManager searches memory for passwords, and downloads new modules, to hijack the server.
A supply chain is a system of activities involved in handling, distributing, manufacturing, and processing goods in order to move resources from a vendor into the hands of the final consumer. A supply chain is a complex network of interconnected players governed by
SolarWinds Orion platform, which were exposed in December 2020; third, the think tank's Duo two-factor authentication proxy server was exploited to gain access to breach the infrastructure of the think tank yet again. Based on Volexity's reconstruction,
, reported that the majority of infected systems by the Stuxnet worm were located in the Islamic Republic of Iran, which has led to speculation that it may have been deliberately targeting "high-value infrastructure" in the country including either the
Imposing stringent controls on suppliers in order to abide by lists of approved protocols. Also, conducting occasional site audits at supplier locations and having personnel visit the sites on a regular basis for business purposes allows greater
can remain on a patched server; this still allows cyberattacks based on the affected servers. As of 12 March 2021 exploit attempts are doubling every few hours, according to Check Point Research, some in the name of security researchers themselves.
website payment section contained a code that harvested customer payment data. The injected code was written specifically to route credit card information to a domain baways.com, which could erroneously be thought to belong to British Airways.
In addition to the U.S. federal government, 18,000 out of SolarWinds' 33,000 customers who use the SolarWinds Orion software update platform are vulnerable. Orion was compromised in March and June 2020, before the cyber breach was detected by
Six months prior the company began installing a $1.6 million cyber security system. Target had a team of security specialists to monitor its computers constantly. Nonetheless, the supply chain attack circumvented these security measures.
due to their use of this same backdoor in a 2020 attack against a South Asian cryptocurrency company. The Gopuram backdoor has been utilized in other past attacks against cryptocurrency agencies, which Lazarus has been known to target.
Stuxnet is typically introduced into the supply network via an infected USB flash drive by persons with physical access to the system. The worm then travels across the cyber network, scanning software on computers controlling a
Between 27 November and 15 December 2013, Target's American brick-and-mortar stores experienced a data hack. Around 40 million customers' credit and debit cards became susceptible to fraud after malware was introduced into the
attack because it encrypted the hard-drives of affected computers and then demanded bitcoin payments in order to retrieve stolen files. The attack affected numerous industries across Ukraine including banks, an airport, and
Ninety lawsuits have been filed against Target by customers for carelessness and compensatory damages. Target spent around $61 million responding to the breach, according to its fourth-quarter report to investors.
, should be designed into the software to detect any previous unauthorized access to the code. An iterative testing process to get the code functionally hardened and security-hardened is a good approach.
number of entities involved and that too are scattered all around the globe… cyber-attack on supply chain is the most destructive way to damage many linked entities at once due to its ripple effect."
systems can become significant hazards for cyber attacks, which can lead to a loss of sensitive customer information, disruption of the manufacturing process, and could damage a company's reputation.
(PLC). Stuxnet introduces the infected rootkit onto the PLC modifying the codes and giving unexpected commands to the PLC while returning a loop of normal operation value feedback to the users.
In a 2014 PwC report, titled "Threat Smart: Building a Cyber Resilient Financial Institution", the financial services firm recommends the following approach to mitigating a cyber attack:
into credit-card readers made in China to gain access to account information and make repeated bank withdrawals and Internet purchases, amounting to an estimated $100 million in losses.
remained dormant unless a specific third-party patch of the SSH server is used; under the right circumstances this interference could potentially enable a malicious actor to break sshd
, in which an apparently low-level or unimportant software component used by other software can be used to inject malicious code into the larger software that depends on the component.
The worm specifically targets systems that automate electromechanical processes used to control machinery on factory assembly lines or equipment for separating nuclear material.
(WMI) tool. On account of these exploitations, if the malware affected one device on a network, it could then easily and rapidly spread to any other devices on the same network.
issued an advisory for users to update immediately, although it also noted that Arch's OpenSSH package does not include the common third-party patch necessary for the backdoor.
system in over 1,800 stores. The data breach of Target's customer information saw a direct impact on the company's profit, which fell 46 percent in the fourth quarter of 2013.
Mandiant, a security firm, has shown that nation-state-sponsored groups, once they have gained access to corporate clouds, can now exploit Security Assertion Markup Language (
An image of a Target brick-and-mortar store, where a supply chain attack exposed the financial information of 40 million customers between 27 November and 15 December 2013
as well as other US government agencies with enhancing the cybersecurity of the United States. On 11 July 2021 (day 60 of the EO timeline) NIST, in consultation with the
(OMB), delivered '4i': guidance for users of critical software, as well as '4r': for minimum vendor testing of the security and integrity of the software supply chain.
is not affected by this attack, as all supported FreeBSD releases include versions of xz that predate the affected releases and the attack targets Linux's glibc.
Police said that M.E.Doc could ultimately be held criminally responsible due to their negligence in acknowledging repeated messages regarding the status of their
The UK government has produced the Cyber Essentials Scheme, which trains firms for good practices to protect their supply chain and overall cyber security.
displays information on how much money is available in every machine and allows an attacker to withdraw 40 notes from the selected cassette of each ATM.
In a more general sense, a supply chain attack may not necessarily involve electronics. In 2010 when burglars gained access to the pharmaceutical giant
, spoke about the importance of managing risk from targeted attacks and cyber-espionage campaigns, during a conference on cyber security he stated:
had completed a covert cyber operation to remove the web shells from afflicted servers and was informing the servers' owners of what had been done.
purpose of bringing harm to a player further down the supply chain network. Alternatively, the term can be used to describe attacks exploiting the
In March 2015, under the Conservative and Liberal democratic government coalition, the UK Department for Business outlined new efforts to protect
radiation detection systems. The malware also affected over 2000 companies in multiple countries including Russia, India, and the United States.
In February 2021 Microsoft determined that the attackers had downloaded a few files "(subsets of service, security, identity)" apiece from
Most Linux distributions that followed a stable release update model were not affected, since they were carrying older versions of xz.
Magecart is the entity believed to be behind the attack. Magecart is a name attributed to multiple hacker groups that use
in 2020. The use of this backdoor suggested that the attack was executed by the North Korean cybercrime group known as
their Exchange Server log files for compromise. At least 10 attacking groups are using the Exchange Server flaws.
During the spring of 2017, the core code of the financial package "M.E.Doc" used in Ukraine was infected with the
attack on an estimated 30,000 customers worldwide. In July 2021 SolarWinds announced it was attacked yet again.
ransomware code is written to avoid hitting sites that use Russian. The REvil site is now offline according to
network, which shows how goods are moved from the raw materials stage to being acquired by the end consumer
's 2019 Internet Security Threat Report states that supply chain attacks increased by 78 percent in 2018.
the SolarWinds Orion monitoring software. DOE's NNSA has since disconnected the breached Windows hosts.
cyberattack in May of 2017. This method granted NotPetya the ability to proliferate through the Windows
drain the ATM's cash vault and remove the malware from the system using an untraceable delete process.
Model of the Bushehr Nuclear Power Plant – in the Iranian pavilion of EXPO 2010 Shanghai
The attack utilized the Gopuram backdoor, originally discovered by the Russian cybersecurity company
, which counts many federal institutions among its clients, including the business computers of the
, a US retailer, was hit by one of the largest data breaches in the history of the retail industry.
was subject to what is described as the first documented Golden SAML attack, often referred to as "
In recent years malware known as Suceful, Ploutus, Tyupkin and GreenDispenser have affected
The computer worm is said to have been specifically developed in order to damage potential
Day 360: EO task 4d: guidelines for review and update procedures of supply chain software
was suspected, with malicious code known to be in versions 5.6.0 and 5.6.1. While the
The spread of NotPetya was facilitated by using the same "exploit method" as the
compilers might detect compiler attacks, when the compiler is the trusted root.)
chain can be just as damaging as that compromised from within the organization".
from cyber attacks, which included measures to improve supply chain resilience.
Day 270: EO task 4e, 4s, 4t, 4u: guidelines for enhancing supply chain software
that seeks to damage an organization by targeting less secure elements in the
On 27 April 2015, Sergey Lozhkin, a Senior Security Researcher with GReAT at
Day 180: EO task 4c: guidelines for enhancing supply chain software security
is believed to have resulted through a supply chain attack targeting the
(SMB). The malware also exploited Microsoft’s PsExec tool as well as the
from supply chain attacks begins with building cyber-resilient systems.
surfaced on 2 July 2021 at thousands of companies in 17 countries. An
3206:"Supply Chain Attacks: 6 Steps to protect your software supply chain" 1949:"Family firm in Ukraine says it was not responsible for cyber attack" 641: 581: 147:
Generally, supply chain attacks on information systems begin with an
2769:"3CX Supply chain attack allowed targeting cryptocurrency companies" 1846:"Tyupkin Virus (Malware) | ATM Machine Security | Virus Definition" 2824:"backdoor in upstream xz/liblzma leading to ssh server compromise" 2201: 1481:"Fully Countering Trusting Trust through Diverse Double-Compiling" 556: 508: 259: 209: 78: 3245:"Threat smart: Building a cyber resilient financial institution" 3128:
Davis, A. (2015). Building cyber-resilience into supply chains.
2754:
REvil. Darkside is the Ransomware attacker of Colonial pipeline
1414:"A Mysterious Hacker Group Is On a Supply Chain Hijacking Spree" 677: 239: 2888:"Urgent security alert for Fedora 41 and Fedora Rawhide users" 1922:"Tyupkin: manipulating ATM machines with malware - Securelist" 1871:"Meet GreenDispenser: A New Breed of ATM Malware | Proofpoint" 1726:"Confirmed: US and Israel created Stuxnet, lost control of it" 1701:"Target Offers $ 10 Million Settlement In Data Breach Lawsuit" 1674:"Target Hackers Broke in Via HVAC Company — Krebs on Security" 778:
This allows a firm to have tighter control over its suppliers.
that connected to a C2 server controlled by the threat actor.
crucial role in creating effective supply chain resilience.
Day 60: EO task 4i, 4r: user guidance, and vendor testing
History of Target Corporation § 2013 security breach
Kevin Hogan, Senior Director of Security Response at
Mechanical Services, a Pennsylvania-based provider of
device through the installation process, acting as a


Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.