How Nobelium Exposed the Software Release Process for Future Attacks
Why Engineering Teams are Upping Their Game to Stop Software Tampering Threats
According to Microsoft, Nobelium - the threat actor behind the successful Sunburst attack - targeted over 140 software and service providers in 2021, and likely breached 14 of them. Other sophisticated attackers, such as Lazarus Group and HoneyMyte, were also focused on tampering with software from trusted providers to gain entry into target enterprises.
The new problem at hand is that these new malicious methods are often invisible to traditional code reviews, especially if modifications were made to software binaries during the final integration and release stage. There are a number of questions engineering and security teams are starting to ask themselves now that software integration and delivery pipelines are directly targeted by attackers,
• What new application security challenges will software engineering teams face?
• How can software engineering evolve its security assessments going forward?
• What role will the cybersecurity Executive Order and other new regulations play in that evolution?
• What practical steps can be taken to identify tampering and protect downstream users?
Igor Lasic, ReversingLabs VP of Technology, and Mike Cote, ReversingLabs Senior Director of Product Management, wrestle with those questions while also responsible for delivering ReversingLabs software. During this webinar, they provide a “from the trenches” viewpoint on these new challenges while discussing practical strategies and tooling for mitigating sophisticated supply chain risks.