Supply Chain attack - protecting application from third party vulnerabilities
Introduction
As a result, an attack group comprises a service or trusted entity in order to breach an organization’s security and access its internal systems. Consider a company that relies heavily on internal development and uses a GIthub repo. When creating websites, most programmers use this framework. Each repository contains its own unique set of dependencies, libraries, and other components. The developer’s goal now is to provide encryption support to this repository. That’s why they’ll incorporate any widely-used open-source library for the task.
Now the attacker pretends to be a developer and submits a pull request intended to patch a hole in the encryption library. Assuming this pull request is legitimate, the main project’s maintainers merge it without verifying its validity. The malicious backdoor in the attacker code compromises the integrity of the entire project. As a result, the attacker’s virus is included into subsequent versions of the primary project. The update affects all currently active developers who are utilizing it. Because of how malware works, cybercriminals can easily gain access to private data within software.
Supply chain attacks can be much more severe and nuanced in the real world, but this scenario is meant to help…
