With the ever-growing presence of state-sponsored cyberattacks, there’s a concern that these campaigns, small and large, all lead to a weaponized cyberattack designed to take down key civilian infrastructure and cripple an entire nation.
Cyber warfare is evolving constantly as we speak, and state-level attacks are using various techniques to infiltrate our critical systems for espionage and widespread disruption.
In fact, U.S. defense officials are now telling everyone to be vigilant against suspicious software that may have been compromised by state-sponsored hackers.
Read on and learn why compromised software can be a big threat to our national security.
“Do Not Buy” list
The Pentagon is warning the U.S. military of software believed to have been compromised by Russian or Chinese state-sponsored hackers.
According to a Defense One report, officials are now circulating a “Do Not Buy” list of software that does not meet national security standards.
This warning follows other reports that Russian hackers have infiltrated U.S. electric utilities via third-party supply chain companies.
The Pentagon started the “Do Not Buy” list in early 2018 and it is circulated among the military’s software buyers. Suspicious companies with sketchy software are regularly added to the list.
Pentagon officials are also working with the intelligence community to identify software companies that operate in a way that’s not consistent with U.S. defense standards.
Due to the sensitive information, no details of the list have been publicly released so far.
Education is key
To further bolster the efforts against compromised software, contractors who provide tech services to the U.S. military are also being educated about suspicious software companies.
The Pentagon has also urged defense firms to have adequate cybersecurity, not just for their own systems, but for their third-party suppliers, as well.
According to the U.S. National Counterintelligence and Security Center, hackers can compromise software code via these methods:
- Booby-trapped software – Developers of such software deliberately write malicious code within the program.
- Reverse engineering – State-sponsored hackers compromise software from U.S. companies by finding vulnerabilities when its source code is examined by foreign intelligence.
- Investments – This is a more discreet form of compromise since it involves legitimate large-scale investments by a foreign entity in U.S.-based tech start-ups.
Examples of software supply chain attacks
Although the “Do Not Buy” list is not publicly available, the National Counterintelligence and Security Center listed a few recent examples of software compromise.
- Last year, popular computer utility CCleaner was modified by hackers to infect 2.2 million users with a backdoor and spying malware.
- Hackers corrupted and installed backdoors on software made by the South Korean company NetSarang.
- A malware campaign called Kingslayer targeted the admin accounts of U.S. firms so hackers could steal credentials and replace legitimate software with hacked versions.