Skip to main content
Microsoft Security

Searchresults for: supply chain attacks

Midnight Blizzard icon
Published
13 min read

Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files 

...credentials, supply chain attacks, compromise of on-premises environments to laterally move to the cloud, and leveraging service providers’ trust chain to gain access to downstream customers. Midnight Blizzard is known to use the Active Directory Federation Service (AD FS) malware known...-phishing attempts, which are common attack techniques and do not represent any new compromise of Microsoft. The spear-phishing emails in this campaign were sent to thousands of targets in over 100 organizations and contained a signed Remote Desktop Protocol (RDP) configuration file that connected... attack surface reduction rules to help prevent common attack techniques used by threat actors.Block executable content from email client and webmail...

A group of security professionals gather around a computer screen.
Published
5 min read

Microsoft Defender for Cloud remediated threats 30% faster than other solutions, according to Forrester TEI study 

...as are supply chain attacks that target third-party software. Cyberattackers move at lightning speed in the cloud, and, due to the advent of generative AI, their attacks are increasing in number, speed, and sophistication. To address this emergent risk, organizations of all sizes can unify their security and compliance, from code to runtime, in hybrid... The broad adoption of multicloud and hybrid infrastructures has introduced new complexity to the cloud estates of many businesses. With this complexity comes a broader attack surface for would-be data thieves. Sophisticated ransomware attacks that exploit vulnerabilities in cloud infrastructure are on the rise... “Microsoft is capturing 10% of real incidents [not caught by other solutions deployed], reducing our attack surface by 10%." —Chief information security officer (CISO), Technology Defender...

Image of New York City at night.
Published
3 min read

Defending the power grid against supply chain attacks—Part 1: The risk defined 

...of the industry, you may be vulnerable. This blog series, “Defending the power grid against supply chain attacks,” analyzes how these attacks are conducted and the steps utilities, device manufacturers, and software providers can take to better secure critical infrastructure. Why it matters Modern warfare is no longer conducted...against supply chain attacks series will offer practical advice for both the utilities and their vendors. Stay tuned for: Part 2: Secure the hardware and software used by utilities Part 3: Risk management strategies for the utilities industry In the meantime, whether you are a utility or one its suppliers, you...and the utility industry has learned to respond rapidly and effectively to these events. But what happens if service interruptions become more unpredictable and affect large geographical regions with huge populations? This is a risk that utilities and their supply chain must continue to address. Nation state actors and other adversaries have...

Image of a worker at his desk.
Published
5 min read

Guarding against supply chain attacks—Part 3: How software becomes compromised 

...that software engineers use to build applications and products. All this software can be difficult to track and can be vulnerable to attack if not known and/or not managed properly. In the U.S. Department of Defense’s Defense Federal Acquisition Regulation Supplement, a supply chain risk is defined as “the risk that an adversary may sabotage...understand and mitigate your risk. This Part 3 of our five-part blog series entitled “Guarding against supply chain attacks” illustrates how software supply chain attacks are executed and offers best practices for improving the quality of the software that undergirds your applications and business. Examples of software supply chain attacks...with global reach Starting in 2012 the industry began to see a marked increase in the number of attacks targeted at software supply chains each year. Like other hacking incidents, a well-executed software supply chain attack can spread rapidly. The following examples weaponized automatic software updates to infect computers in large and small...

Image of a tech worker at his desk looking at a computer.
Published
5 min read

Guarding against supply chain attacks—Part 1: The big picture 

These compromises in the safety and integrity of your supply chain can threaten the success of your business, no matter the size of your operation. But typically, the longer your supply chain, the higher the risk for attack, because of all the supply sources in play. In this blog series, “Guarding against supply chain attacks,” we examine...various components of the supply chain, the vulnerabilities they present, and how to protect yourself from them. Defining the problem Supply chain attacks are not new. The National Institute of Standards and Technology (NIST) has been focused on driving awareness in this space since 2008. And this problem is not going away. In 2017...and 2018, according to Symantec, supply chain attacks rose 78 percent. Mitigating this type of third-party risk has become a major board issue as executives now understand...

Published
4 min read

Guarding against supply chain attacks—Part 2: Hardware risks 

The challenge and benefit of technology today is that it’s entirely global in nature. This reality is brought into focus when companies assess their supply chains, and look for ways to identify, assess, and manage risks across the supply chain of an enterprise. Part 2 of the “Guarding against supply chain attacks” blog series examines the hardware...supply chain, its vulnerabilities, how you can protect yourself, and Microsoft’s role in reducing hardware-based attacks. Unpacking the hardware supply chain A labyrinth of companies produces mobile phones, Internet of Things (IoT) devices, servers, and other technology products that improve our lives. Product designers outsource...Attackers who target hardware typically manipulate a handful of components or devices, not an entire batch. This means that unusual device activity may resemble an anomaly rather than a malicious act. The complexity of the supply chain itself also resists easy investigation. With multiple players, some of whom are subcontracted by vendors...

Aerial view of port and freeways leading to downtown Singapore.
Published
5 min read

Defending the power grid against supply chain attacks: Part 3 – Risk management strategies for the utilities industry 

Figure 1: Increased attacks on critical infrastructure This is the third and final post in the “Defending the power grid against supply chain attacks” series...“Defending the power grid against supply chain attacks: Part 2 – Securing hardware and software...target the utility supply chain to insert malware into devices destined for the power grid. As modern infrastructure becomes more reliant on connected devices, the power industry must continue to come together to improve security at every step of the process...

Attack inception: Compromised supply chain within a supply chain poses new risks
Published
11 min read

Attack inception: Compromised supply chain within a supply chain poses new risks 

A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection (Windows Defender ATP) emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF editor...instead to a second software vendor that hosted additional packages used by the app during installation. This turned out be an interesting and unique case of an attack involving "the supply chain of the supply chain". The attackers monetized the campaign using...While the impact is limited, the attack highlighted two threat trends: (1) the escalating frequency of attacks that use software supply chains as threat vector, and (2) the increasing use of cryptocurrency miners as primary means for monetizing malware campaigns. This new supply chain incident did not appear to involve nation-state attackers...

Image of an electronics factory.
Published
5 min read

Defending the power grid against supply chain attacks—Part 2: Securing hardware and software 

Figure 1: You can use Conditional Access policies to define when someone is promoted to sign in with MFA. Secure privileged access In a supply chain attack...demonstrated that they are capable of attacking a nation’s power grid through internet-connected devices. As utilities and their suppliers race to modernize our infrastructure, it’s critical that cybersecurity measures are prioritized...In the first blog in the “Defending the power grid against cyberattacks” series, I walked through how the accelerated adoption of the Internet of Things (IoT) puts utilities and citizens at risk of attack from nation state actors. In this post, I’ll provide guidance for how...

Image of cranes.
Published
6 min read

Improve cyber supply chain risk management with Microsoft Azure 

For years, Microsoft has tracked threat actors exploiting federal cyber supply chain vulnerabilities. Supply chain attacks target software developers, systems integrators, and technology...cyber supply chains in Information Communications and Technology (ICT) products and services. Supply chain attacks are most concerning because they target vulnerabilities in your infrastructure before you even deploy your assets and software. Attackers can: Compromise software building tools to ensure that their malware...into hardware, firmware, and field-programmable gate arrays (FPGAs). Pre-install malware onto IoT devices before they arrive to target organizations. Managing Supply Chain Risk Management (SCRM) to defend against supply chain attacks Defending against supply chain attacks requires a comprehensive approach to managing Supply...