Are You Part of a Supply Chain Attack? | Avast

Are You Part of a Supply Chain Attack? | Avast
Kevin Townsend, 13 May 2019

Could you be the weak link for hackers?



In December 2018, Chinese nationals Zhu Hua and Zhang Shilong were indicted by the US Department of Justice for involvement with the APT10 hacking group. The APT epithet stands for Advanced Persistent Threat. It is used to specify an elite hacking group, usually one that operates with the endorsement of, or direct employment by, a nation state. These are not run-of-the-mill cybercriminals.
One of the charges levied against Hua and Shilong was involvement in what the Justice Department called the ‘MSP Theft Campaign’. This is better known among security researchers as Cloud Hopper. Managed Service Providers (MSPs) were compromised, but they were not the primary targets – it was their customers that APT10 wished to hack. The MSPs were phished, and their customers’ credentials stolen; giving the APT10 group unhindered access to the real targets via the MSPs’ authorized access details.
This type of attack is known as a ‘supply chain attack’. The true target isn’t attacked directly. Rather its generally less well-defended supply chain – in this case the MSPs – are targeted first.
You may ask yourself, what have state-level hackers and international cyber-espionage to do with me? Possibly – but not necessarily – nothing. But it is important to understand the concept of supply chain attacks and how they could affect us. We all need to know where in the hackers’ food chain we live.
What is a supply chain?
A supply chain is a chain of dependencies in goods or services. If I shop at Wal-Mart, Wal-Mart is in my supply chain. This chain links back to the wh ..