Week 6_This week in cybersecurity

docx

School

California State University, Fullerton *

*We aren’t endorsed by this school

Course

1964

Subject

Information Systems

Date

Nov 24, 2024

Type

docx

Pages

3

Uploaded by marttiatoo

Report
1 North Korean Supply chain attacks prompt joint from Seoul and London: Hackers connected to the Democratic People's Republic of Korea (DPRK) could jeopardize the software supply chain. Because of this, the UK and South Korea have jointly issued an advisory warning about the possible consequences of this threat. Alongside the publication of the warning, the governments of the two countries formed a new strategic cyber partnership on Thursday. As part of the alliance, they committed to cooperating to disrupt and deter DPRK malicious cyber capabilities and activities that contribute to its WMD programs. This warning was issued concurrently with the formation of the partnership. It follows previous breaches in the supply chain connected to threat actors that had ties to the North Korean government. These hacking techniques involve attacking a well-known service to compromise its users eventually. In July, a hacking attempt that eventually targeted Bitcoin companies targeted Jump Cloud, which offers identity and access management solutions for office computers. Because Jump Cloud offered these services, it was chosen as the target. A state-sponsored organization in North Korea that was looking for bitcoins is believed to have conducted a similar hack. Attackers targeted 3CX, a supplier of commercial phone service, in March. The Federal Bureau of Investigation (FBI) has determined that hackers operating on behalf of North Korea's government were responsible for three instances that impacted Bitcoin companies in June. On June 22–23, hackers stole $60 million from AlphaGo and $37 million from CoinsPaid, while on June 2–22, they took $100 million from Atomic Wallet. Microsoft revealed earlier this week that it had found evidence of yet another hit on a supply chain, this time by hackers collaborating with North Korean intelligence services. The same group of hackers carried out the attack. This time, thieves included a malicious file with the installation of a genuine photo and video editing tool. North Korea has continually maintained that it is not involved in cyber-espionage operations or Bitcoin theft, even in the
face of evidence to the contrary being presented by US prosecutors and United Nations investigators. Evidence from Korea's National Intelligence Service and Britain's National Cyber Security Centre shows that DPRK state-linked cyber attackers have been increasingly prolific and sophisticated in their supply chain attacks in recent years. Attacks on supply networks have become far more frequent and sophisticated. Many international organizations use software supply chain products, which are attacked by malicious actors using tactics like zero-day attacks and multiple exploits. Details on another incident that occurred in March and employed MagicLine4NX, a popular authentication method in South Korea, are included in the report. The Reconnaissance General Bureau of North Korea used the program to gather intelligence and spy on South Korea. The warning claims that these attacks align with and greatly aid in accomplishing larger DPRK state priorities. These objectives include spying and generating income, along with the theft of cutting-edge technologies from various industries, including but not limited to defence. According to Paul Chichester, head of operations at the National Cyber Security Centre (NCSC), assaults on software supply chains can have significant and far-reaching effects on the affected firms. Software supply chain attacks can have serious and far-reaching effects on enterprises in a world where everything is getting more digital and networked daily. We strongly advise enterprises to implement the precautionary steps described in the guidelines to enhance their resilience to supply chain attacks and lower the risk of compromise. References https://therecord.media/south-korea-uk-warning-supply-chain-attacks-north-korea? &web_view=true
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

Bank of Choice.docx
WGU C838 (83).pdf
Apple, ESPN.docx
Order 2009246_Nursing.docx
Maria Paola Ruffo _CS10419_LIFE CYCLE MANAGEMENT PROCESSES_Assessments 2.docx
05-04_task.pdf
Cloud_Computing_Security_Assignment_1.docx
CNS_Replies_6.docx
Screenshot_20231116-235914.jpg
CHALLENGE 1.2 _ 9Conflict Resolution _ Sophia Learning.pdf
Why Is Temu So Cheap and What You Should Know.docx
HcnbBI-72SYD1LO4OnDp8rS-__1_.jpeg