Supply chain attacks: Cyber ​​​​Cyber ​​​​Cyber ​​​​Sections yog tsom rau cov chaw muab software

IMAGE CREDIT:
Duab credit
iStock

Supply chain attacks: Cyber ​​​​Cyber ​​​​Cyber ​​​​Sections yog tsom rau cov chaw muab software

Supply chain attacks: Cyber ​​​​Cyber ​​​​Cyber ​​​​Sections yog tsom rau cov chaw muab software

Subheading ntawv nyeem
Supply chain attacks hem cov tuam txhab thiab cov neeg siv lub hom phiaj thiab siv cov neeg muag khoom software.
    • Author:
    • Tus sau lub npe
      Quantumrun Foresight
    • Lub ob hlis ntuj 9, 2023

    Kev tawm tsam kev tawm tsam yog qhov kev txhawj xeeb loj zuj zus rau cov lag luam thiab cov koom haum thoob ntiaj teb. Cov kev tawm tsam no tshwm sim thaum cybercriminal infiltrates lub tuam txhab cov khoom siv thiab siv nws nkag mus rau lub hom phiaj lub koom haum cov txheej txheem lossis cov ntaub ntawv. Qhov tshwm sim ntawm cov kev tawm tsam no tuaj yeem ua rau hnyav, suav nrog kev poob nyiaj txiag, kev puas tsuaj rau lub tuam txhab lub koob npe nrov, kev cuam tshuam ntawm cov ntaub ntawv rhiab, thiab cuam tshuam kev ua haujlwm. 

    Supply chain attacks ntsiab lus

    Kev tawm tsam kev tawm tsam yog kev tawm tsam cyberattack uas tsom mus rau lwm tus software, tshwj xeeb yog cov uas tswj hwm lub koom haum lub hom phiaj lub tshuab lossis cov ntaub ntawv. Raws li 2021 "Tshiab Landscape rau Supply Chain Attacks" tsab ntawv ceeb toom, 66 feem pua ​​​​ntawm cov saw hlau tawm tsam nyob rau 12 lub hlis dhau los tau tsom mus rau tus neeg muag khoom cov cai, 20 feem pua ​​​​cov ntaub ntawv tsom, thiab 12 feem pua ​​​​ntawm cov txheej txheem sab hauv. Malware yog txoj kev siv ntau tshaj plaws hauv cov kev tawm tsam no, suav txog 62 feem pua ​​​​ntawm cov xwm txheej. Txawm li cas los xij, ob feem peb ntawm kev tawm tsam rau cov neeg siv khoom tau txais txiaj ntsig los ntawm kev ntseeg siab hauv lawv cov neeg muab khoom.

    Ib qho piv txwv ntawm kev tawm tsam kev tawm tsam yog 2017 nres ntawm lub tuam txhab software, CCleaner. Hackers tau tuaj yeem cuam tshuam lub tuam txhab cov khoom siv software thiab faib cov malware los ntawm kev hloov kho software, uas cuam tshuam ntau lab tus neeg siv. Qhov kev tawm tsam no tau hais txog qhov muaj peev xwm tsis zoo ntawm kev cia siab rau cov neeg muab kev pabcuam thib peb thiab qhov tseem ceeb ntawm kev tiv thaiv kev ruaj ntseg zoo los tiv thaiv cov kev tawm tsam no.

    Kev vam khom ntau ntxiv rau cov neeg muab kev pabcuam thib peb thiab cov khoom siv digital cov khoom siv sib txuas ua ke yog qhov tseem ceeb rau kev loj hlob ntawm kev lag luam digital saw kev ua txhaum cai. Raws li kev lag luam outsource ntau dua ntawm lawv cov haujlwm thiab cov kev pabcuam, tus naj npawb ntawm cov ntsiab lus nkag rau cov neeg tawm tsam tau nce. Cov qauv no tshwj xeeb tshaj yog hais txog thaum nws los txog rau cov chaw muag khoom me lossis tsawg dua kev ruaj ntseg, vim lawv yuav tsis muaj tib theem kev ntsuas kev nyab xeeb nyob rau hauv qhov chaw raws li lub koom haum loj. Lwm qhov tseem ceeb yog kev siv cov khoom siv tsis tu ncua lossis tsis tau kho software thiab cov tshuab. Cybercriminals feem ntau siv cov kev paub tsis zoo hauv software lossis cov tshuab kom nkag mus rau lub tuam txhab cov khoom siv digital. 

    Kev cuam tshuam

    Kev tawm tsam cov saw hlau tuaj yeem ua rau muaj kev puas tsuaj rau lub sijhawm ntev. Ib qho piv txwv zoo tshaj plaws yog lub Kaum Ob Hlis 2020 cyber nres ntawm SolarWinds, uas muab IT tswj software rau tsoomfwv cov koom haum thiab kev lag luam. Cov hackers siv cov software hloov tshiab los faib malware rau lub tuam txhab cov neeg siv khoom, suav nrog ntau lub koomhaum tseemfwv Meskas. Qhov kev tawm tsam no yog qhov tseem ceeb vim tias qhov ntsuas ntawm qhov kev sib haum xeeb thiab qhov tseeb tias nws mus tsis tau kuaj tau ntau lub hlis.

    Qhov kev puas tsuaj loj dua thaum lub tuam txhab phiaj xwm muab cov kev pabcuam tseem ceeb. Lwm qhov piv txwv yog nyob rau lub Tsib Hlis 2021, thaum lub tuam txhab khoom noj thoob ntiaj teb JBS raug ntaus los ntawm kev tawm tsam ransomware uas cuam tshuam nws txoj haujlwm hauv ntau lub tebchaws, suav nrog Asmeskas, Canada, thiab Australia. Qhov kev tawm tsam tau ua los ntawm ib pab pawg neeg txhaum cai hu ua REvil, uas siv qhov tsis zoo hauv lub tuam txhab software thib peb. Qhov xwm txheej tseem cuam tshuam rau JBS cov neeg siv khoom, suav nrog cov chaw ntim khoom noj thiab cov khw muag khoom noj. Cov tuam txhab no tau ntsib kev tsis txaus ntawm cov khoom noj nqaij thiab yuav tsum nrhiav lwm qhov chaw lossis kho lawv cov haujlwm.

    Txhawm rau tiv thaiv kev tawm tsam cov khoom siv digital, nws yog qhov tseem ceeb rau cov lag luam kom muaj kev tiv thaiv kev ruaj ntseg thiab hloov tau yooj yim hauv qhov chaw. Cov kev ntsuas no suav nrog kev ua tib zoo saib xyuas ntawm cov neeg muab kev pabcuam thib peb, tsis tu ncua hloov kho thiab kho cov software thiab cov tshuab, thiab ua raws li cov cai thiab cov txheej txheem kev ruaj ntseg. Nws tseem yog ib qho tseem ceeb rau cov tuam txhab kom qhia lawv cov neeg ua haujlwm txog kev txheeb xyuas thiab tiv thaiv kev tawm tsam, suav nrog kev sim phishing.

    Qhov cuam tshuam ntawm kev tawm tsam cov khoom siv 

    Kev cuam tshuam dav dav ntawm kev tawm tsam cov saw hlau tuaj yeem suav nrog:

    • Kev txo qis kev siv cov software thib peb thiab kev cia siab ntau dua ntawm cov kev daws teeb meem hauv tsev rau cov ntaub ntawv rhiab heev, tshwj xeeb ntawm tsoomfwv cov koomhaum.
    • Cov peev nyiaj nce ntxiv rau kev ntsuas kev ruaj ntseg hauv cybersecurity, tshwj xeeb ntawm cov koom haum uas muab cov kev pabcuam tseem ceeb xws li kev siv hluav taws xob thiab kev sib txuas lus.
    • Ntau qhov xwm txheej ntawm cov neeg ua haujlwm poob raug tsim txom los ntawm phishing tawm tsam lossis inadvertently qhia malware rau hauv lawv lub tuam txhab cov kab ke.
    • Zero-hnub tawm tsam dhau los ua ib qho chaw zoo li cybercriminals coj kom zoo dua ntawm cov software tsim tawm siv qhov hloov tshiab tsis tu ncua, uas tuaj yeem muaj ntau yam kab mob uas cov hackers tuaj yeem siv tau.
    • Kev siv ntau dua ntawm kev ncaj ncees hackers ntiav los tshawb nrhiav qhov tsis zoo hauv cov txheej txheem txhim kho software.
    • Ntau lub tseem fwv dhau cov kev cai uas xav kom cov neeg muag khoom muab cov npe tag nrho ntawm lawv cov neeg muab khoom thib peb, nrog rau kev tshawb xyuas cov txheej txheem txhim kho software.

    Cov lus nug los tawm tswv yim

    • Muaj pes tsawg tus neeg thib peb apps koj tso siab rau kev lag luam niaj hnub, thiab koj tso cai rau kev nkag mus ntau npaum li cas?
    • Koj ntseeg tias kev ruaj ntseg ntau npaum li cas txaus rau cov neeg muag khoom thib peb?
    • Tsoom fwv yuav tsum tau nqis tes los tswj cov qauv kev cai rau cov neeg muag khoom thib peb?

    Ntxiv rau daim ntawv

    Insight references

    Cov nram qab no nrov thiab cov koom haum txuas tau raug xa mus rau qhov kev pom no:

    Quartz Dab tsi yog qhov khoom siv hluav taws xob cyber nres?
    CSO Kev tawm tsam cov saw hlau qhia tias vim li cas koj yuav tsum ceev faj ntawm cov neeg muab kev pabcuam thib peb
    Kev Tswj Khoom Siv Muab cov saw hlau cyber tawm tsam rau 'quadruple.'
    ntxiv rau daim ntawv
    forecast cov ntaub ntawv
    Tags
    Qeb
    Lag Luam
    Economy
    infrastructure
    technology
    Kev lag luam
    Economics
    Logistics
    Khw muag khoom thev naus laus zis
    Server Infrastructure
    mov Saw
    Tshawb nrhiav QUANTUMRUN FORESIGHT cov kev pabcuam
    Foresight platform Foresight kev pab tswv yim
    ROV QAB LOS TSEV
    icon
    Mus rau saum