Information Assurance - 2

Question 1

type of cyberattack that targets a trusted third-party vendor who offers services or software vital to the supply chain.

Answer 1

SUPPLY CHAIN ATTACK

Question 2

ATTACKS CAN TAKE VARIOUS FORMS

Answer 2

1. SOFTWARE SUPPLY CHAIN ATTACKS
2. HARDWARE SUPPLY CHAIN ATTACKS
3. SERVICE PROVIDER COMPROMISE

Question 2

cyberattack that targets the weakest link in the interconnected chain of entities involved in producing, distributing, and maintaining goods or services

Answer 2

supply chain attack

Question 2

Attackers compromise software vendors or open-source projects to inject malicious code into legitimate software updates or packages. When users download and install these updates, they inadvertently install the malware onto their systems

Answer 2

SOFTWARE SUPPLY CHAIN ATTACKS

Question 3

Attackers tamper with hardware components during the manufacturing process or supply chain distribution, introducing backdoors, spyware, or other malicious functionality into the devices. These compromised hardware components are then sold to unsuspecting customers, allowing attackers to gain unauthorized access to their systems

Answer 3

HARDWARE SUPPLY CHAIN ATTACKS

Question 4

WHAT DO SUPPLY CHAIN ATTACKS DO

Answer 4

The goal of a supply chain attack is to infiltrate and disrupt a weak point of a system within an organization’s supply chain with the intent to cause harm

Question 4

Attackers compromise third-party service providers, such as cloud providers, managed service providers, or IT vendors, to gain access to their customers’ networks. Once inside, they can move laterally and escalate privileges to carry out further attacks.

Answer 4

SERVICE PROVIDER COMPROMISE

Question 5

exploit weaknesses which typically third parties that are considered to have the weakest cybersecurity

Answer 5

Supply chain attacks

Question 6

COMMON TYPES OF SUPPLY CHAIN ATTACKS

Answer 6

1. BROWSER-BASED ATTACKS
2. SOFTWARE ATTACKS
3. OPEN-SOURCE ATTACKS
4. JAVASCRIPT ATTACKS
5. WATERING HOLE ATTACKS
6. MAGECART ATTACKS
7. CRYPTOJACKING

Question 7

Run malicious code on end-user browsers. Attackers may target JavaScript libraries or browser extensions that automatically execute code on user devices.

Answer 7

BROWSER-BASED ATTACKS

Question 8

Exploit vulnerabilities in open-source code

Answer 8

OPEN-SOURCE ATTACKS

Question 9

Disguise malware in software updates

Answer 9

SOFTWARE ATTACKS

Question 10

Exploit existing vulnerabilities in JavaScript code or embed malicious scripts in webpages that automatically execute when loaded by a user

Answer 10

JAVASCRIPT ATTACKS

Question 11

Identify websites that are commonly used by a large number of users (e.g. a website builder or government website).

Answer 11

WATERING HOLE ATTACKS

Question 12

Use malicious JavaScript code to skim credit card information from website checkout forms, which are often managed by third parties.

Answer 12

MAGECART ATTACKS

Question 13

Allows attackers to steal computational resources needed to mine cryptocurrency

Answer 13

CRYPTOJACKING

Question 14

HOW DO YOU PREVENT A SUPPLY CHAIN ATTACK

Answer 14

1. Evaluating the risks of third parties
2. Reducing the number of individuals within an organization that are authorized to install third-party software
3. Including supply chains in response and remediation plans
4. Reviewing who has access to what sensitive data
5. Making sure the organization’s data is terminated from the vendor’s systems after a contract
6. Investing in tools provided by security firm

Question 15

A security researcher was able to breach Microsoft, Uber, Apple, and Tesla. The researcher, Alex Birsan, took advantage of dependencies that applications use to provide services to end-users

Answer 15

DEPENDENCY CONFUSION

Question 15

hackers were able to compromise a security certificate that authenticates Mimecast’s services on Microsoft 365 Exchange Web Services.

Answer 15

MIMECAST (2021)

Question 16

EXAMPLES OF SUPPLY CHAIN ATTACKS

Answer 16

1. DEPENDENCY CONFUSION (2021)
2. MIMECAST (2021)
3. SOLARWINDS ATTACK (2020)
4. ASUS (2018)
5. EVENT-STREAM (2018)
6. BLOOMBERG BUSINESSWEEK SUPPLY CHAIN ATTACK
7. NOTPETYA (2017)
8. EQUIFAX DATA BREACH (2017)
9. TARGET

Question 17

This was a complex attack that injected malicious code into the software’s build cycle and initially infected about 18,000 customers downstream, including major firms and government agencies that were secured by the strongest cybersecurity tools and services available today.

Answer 17

SOLARWINDS ATTACK (2020)

Question 18

The attack on ASUS, according to Symantec researchers, took advantage of an update feature and impacted as many as 500,000 systems. In the attack, an automatic update was used to introduce malware to users’ systems.

Answer 18

ASUS (2018)

Question 19

a repository within the GitHub system was injected with malware. The dependency in the repository containing the malware was accessed by an unknown number of applications.

Answer 19

EVENT-STREAM (2018)

Question 20

In October 2018, Bloomberg Businessweek published an investigative report alleging that Chinese intelligence operatives had compromised the supply chain of Supermicro, a major supplier of server motherboards.

Answer 20

BLOOMBERG BUSINESSWEEK SUPPLY CHAIN ATTACK (2018)

Question 21

The malware made its appearance in Ukraine as a backdoor in a tax accounting software.

Answer 21

NOTPETYA (2017)

Question 22

In July 2017, Equifax, one of the largest consumer credit reporting agencies in the United States, discovered a significant cybersecurity incident affecting its systems.

Answer 22

EQUIFAX DATA BREACH (2017)

Question 23

EFFECTS OF SUPPLY CHAIN ATTACKS

Answer 23

1. FINANCIAL LOSSES
2. DATA BREACHES
3. TRUST EROSION
4. NATIONAL SECURITY RISKS
5. REGULATORY PENALTIES

Question 24

Organizations that fall victim to supply chain attacks often experience considerable financial losses due to system downtime, lost revenue, and costs associated with remediation. Furthermore, these companies may suffer reputational damage, which could result in the loss of business partners or customers.

Answer 24

FINANCIAL LOSSES

Question 25

Successful supply chain attacks can cause extensive data breaches involving sensitive information such as customer records, intellectual property (IP), trade secrets, or classified government documents. These breaches not only impact the targeted organization but also affect its clients who entrusted them with their valuable data.

Answer 25

DATA BREACHES

Question 26

When an organization is compromised by a supply chain attack, trust among its stakeholders—such as customers, suppliers, and investors—erodes. Rebuilding this trust can be challenging and may lead to long-term damage that goes beyond immediate financial losses.

Answer 26

TRUST EROSION

Question 27

Supply-chain attacks that compromise critical infrastructure—like power grids, water supplies, or transportation systems—pose a threat to national security. These attacks can disrupt essential services and impact entire populations.

Answer 27

NATIONAL SECURITY RISKS

Question 27

Organizations impacted by supply chain attacks may face regulatory penalties if they fail to comply with data protection laws such as the GDPR or CCPA. Non-compliance can result in substantial fines and legal consequences

Answer 27

REGULATORY PENALTIES