Skip to main content
Microsoft Security

Searchresults for: supply chain attacks

Photo of young adult male gaming with keyboard and mouse with laptop attached to additional monitor
Published
14 min read

Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks 

...of software supply chain attacks to conduct widespread malicious operations. In November 2023, Microsoft reported on Diamond Sleet’s supply chain compromise of CyberLink, a multimedia application...While Microsoft has not yet identified any Moonstone Sleet supply chain attacks, the actor has extensively targeted software development firms in its campaigns. Large-scale access to software companies would pose a particularly high risk for future supply chain attacks against those organizations... Figure 2. Moonstone Sleet attack chain using trojanized PuTTY Microsoft has also observed Moonstone Sleet using other...

Image of New York City at night.
Published
3 min read

Defending the power grid against supply chain attacks—Part 1: The risk defined 

...of the industry, you may be vulnerable. This blog series, “Defending the power grid against supply chain attacks,” analyzes how these attacks are conducted and the steps utilities, device manufacturers, and software providers can take to better secure critical infrastructure. Why it matters Modern warfare is no longer conducted...against supply chain attacks series will offer practical advice for both the utilities and their vendors. Stay tuned for: Part 2: Secure the hardware and software used by utilities Part 3: Risk management strategies for the utilities industry In the meantime, whether you are a utility or one its suppliers, you...and the utility industry has learned to respond rapidly and effectively to these events. But what happens if service interruptions become more unpredictable and affect large geographical regions with huge populations? This is a risk that utilities and their supply chain must continue to address. Nation state actors and other adversaries have...

Image of a worker at his desk.
Published
5 min read

Guarding against supply chain attacks—Part 3: How software becomes compromised 

...that software engineers use to build applications and products. All this software can be difficult to track and can be vulnerable to attack if not known and/or not managed properly. In the U.S. Department of Defense’s Defense Federal Acquisition Regulation Supplement, a supply chain risk is defined as “the risk that an adversary may sabotage...understand and mitigate your risk. This Part 3 of our five-part blog series entitled “Guarding against supply chain attacks” illustrates how software supply chain attacks are executed and offers best practices for improving the quality of the software that undergirds your applications and business. Examples of software supply chain attacks...with global reach Starting in 2012 the industry began to see a marked increase in the number of attacks targeted at software supply chains each year. Like other hacking incidents, a well-executed software supply chain attack can spread rapidly. The following examples weaponized automatic software updates to infect computers in large and small...

Image of a tech worker at his desk looking at a computer.
Published
5 min read

Guarding against supply chain attacks—Part 1: The big picture 

These compromises in the safety and integrity of your supply chain can threaten the success of your business, no matter the size of your operation. But typically, the longer your supply chain, the higher the risk for attack, because of all the supply sources in play. In this blog series, “Guarding against supply chain attacks,” we examine...various components of the supply chain, the vulnerabilities they present, and how to protect yourself from them. Defining the problem Supply chain attacks are not new. The National Institute of Standards and Technology (NIST) has been focused on driving awareness in this space since 2008. And this problem is not going away. In 2017...and 2018, according to Symantec, supply chain attacks rose 78 percent. Mitigating this type of third-party risk has become a major board issue as executives now understand...

Published
4 min read

Guarding against supply chain attacks—Part 2: Hardware risks 

The challenge and benefit of technology today is that it’s entirely global in nature. This reality is brought into focus when companies assess their supply chains, and look for ways to identify, assess, and manage risks across the supply chain of an enterprise. Part 2 of the “Guarding against supply chain attacks” blog series examines the hardware...supply chain, its vulnerabilities, how you can protect yourself, and Microsoft’s role in reducing hardware-based attacks. Unpacking the hardware supply chain A labyrinth of companies produces mobile phones, Internet of Things (IoT) devices, servers, and other technology products that improve our lives. Product designers outsource...Attackers who target hardware typically manipulate a handful of components or devices, not an entire batch. This means that unusual device activity may resemble an anomaly rather than a malicious act. The complexity of the supply chain itself also resists easy investigation. With multiple players, some of whom are subcontracted by vendors...

Go beyond data protection with Microsoft Purview

Govern, protect, and manage all of your data with Microsoft Purview, comprehensive solutions to help give you better visibility and control.

Learn more
Aerial view of port and freeways leading to downtown Singapore.
Published
5 min read

Defending the power grid against supply chain attacks: Part 3 – Risk management strategies for the utilities industry 

Figure 1: Increased attacks on critical infrastructure This is the third and final post in the “Defending the power grid against supply chain attacks” series...“Defending the power grid against supply chain attacks: Part 2 – Securing hardware and software...target the utility supply chain to insert malware into devices destined for the power grid. As modern infrastructure becomes more reliant on connected devices, the power industry must continue to come together to improve security at every step of the process...

Attack inception: Compromised supply chain within a supply chain poses new risks
Published
11 min read

Attack inception: Compromised supply chain within a supply chain poses new risks 

A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection (Windows Defender ATP) emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF editor...instead to a second software vendor that hosted additional packages used by the app during installation. This turned out be an interesting and unique case of an attack involving "the supply chain of the supply chain". The attackers monetized the campaign using...While the impact is limited, the attack highlighted two threat trends: (1) the escalating frequency of attacks that use software supply chains as threat vector, and (2) the increasing use of cryptocurrency miners as primary means for monetizing malware campaigns. This new supply chain incident did not appear to involve nation-state attackers...

Image of an electronics factory.
Published
5 min read

Defending the power grid against supply chain attacks—Part 2: Securing hardware and software 

Figure 1: You can use Conditional Access policies to define when someone is promoted to sign in with MFA. Secure privileged access In a supply chain attack...demonstrated that they are capable of attacking a nation’s power grid through internet-connected devices. As utilities and their suppliers race to modernize our infrastructure, it’s critical that cybersecurity measures are prioritized...In the first blog in the “Defending the power grid against cyberattacks” series, I walked through how the accelerated adoption of the Internet of Things (IoT) puts utilities and citizens at risk of attack from nation state actors. In this post, I’ll provide guidance for how...

Image of cranes.
Published
6 min read

Improve cyber supply chain risk management with Microsoft Azure 

For years, Microsoft has tracked threat actors exploiting federal cyber supply chain vulnerabilities. Supply chain attacks target software developers, systems integrators, and technology...cyber supply chains in Information Communications and Technology (ICT) products and services. Supply chain attacks are most concerning because they target vulnerabilities in your infrastructure before you even deploy your assets and software. Attackers can: Compromise software building tools to ensure that their malware...into hardware, firmware, and field-programmable gate arrays (FPGAs). Pre-install malware onto IoT devices before they arrive to target organizations. Managing Supply Chain Risk Management (SCRM) to defend against supply chain attacks Defending against supply chain attacks requires a comprehensive approach to managing Supply...

Retail store manager using a tablet securely while working remote from a café.
Published
3 min read

Microsoft contributes S2C2F to OpenSSF to improve supply chain security 

...achieve S2C2F Level 2 compliance. The S2C2F is critical to the future of supply chain security According to Sonatype’s 2022 State of the Software Supply Chain report,2 supply chain attacks specifically targeting OSS have increased by 742...percent annually over the past three years. The S2C2F is designed from the ground up to protect developers from accidentally consuming malicious and compromised packages helping to mitigate supply chain attacks by decreasing consumption-based attack surfaces. As new threats emerge, the OpenSSF S2C2F SIG under the Supply Chain Integrity Working...the Secure Supply Chain Consumption Framework (S2C2F), previously the Open Source Software-Supply Chain Security (OSS-SSC) Framework. As a massive consumer of and contributor to open source, Microsoft understands the importance of a robust strategy around securing how developers consume and manage open source software (OSS...