Supply Chain Attacks: The Rise of the Third Party Poopers

Abstract

Supply chain attacks are becoming increasingly widespread as cyber criminals seek to access sensitive data and systems through less secure third parties. In such attacks, the victim is not the ultimate target of the attack, but rather a stepping stone to other larger networks. In this talk, I will present an overview of supply chain attacks and delve into various attack patterns, specific cases, lessons learned, challenges and mitigations.

Outline

  • Who I am - In infosec around 2003, various positions (CISO, researcher, pen tester, consultant with a true love for low-level and hardware hacking).
  • Recap of supply chain and 3rd party compromises - what is the defined problem, why we care, challenges.
  • Attack patterns and categories, such as:
    • Source code repository compromise.
    • Watering hole attack.
    • Build, source and publishing infrastructure.
    • Fake toolchain.
    • Backdooring SDK.
    • Typosquatting.
    • More complicated cases.

We will go over cases such as PEAR Breach, Komodo, ShadowHammer, HandBrake, CCleanup and others.

  • Mitigations and lessons learned.
  • Closing and Q&A.

Elad Shapira

@zestexposed

Elad is head of research at Panorays and loves reverse engineering, low-level and hardware hacking. At Panorays, Elad and his team are responsible for mimicking hacker behavior by researching new attack techniques and vectors in order to automatically test the security posture of companies en masse. Elad is a recognized speaker, having presented at various hacking conferences such as BlueHat IL, ReCon and Defcon meetups. Prior to Panorays, Elad was the Mobile Security Research Team Leader at AVG Technologies. Elad also lectures at Afeka Academic College of Engineering and helps to organize local hacking competitions.