The SunBurst campaign has left the world in shock. A nation-state actor intruded into a huge number of firms, including several U.S. government agencies. However, other supply chain issues have also come to the forefront, and we cannot neglect them.
A group of as-yet unknown hackers has launched a supply chain attack against government and private agencies in Vietnam by embedding malware inside an official government software toolkit. Dubbed Operation SignSight, the campaign targets the Vietnam Government Certification Authority (VGCA).
Malicious RubyGems packages were found being used in a supply chain attack that attempted to steal cryptocurrency. Threat actors can easily upload malicious packages to the RubyGems repository, hoping that a developer will unwittingly integrate them into their program.
Earlier this month, a spear-phishing campaign targeting multiple organizations in the COVID-19 vaccine supply chain was launched. The aim of the campaign was to harvest online credentials for further attacks.
What does this imply?
Supply chain attacks have gained a lot of popularity among cybercriminals because a malicious inclusion in, or intrusion into, a single project can impact plenty of users. Moreover, threat actors monetize stolen credentials by launching ransomware attacks.
The bottom line
Supply chain attacks are relatively difficult to spot because the malicious code is embedded within legitimate code. Thus, organizations at risk of these attacks are recommended to activate their incident response processes and look out for indicators of compromise (IOCs).