State-linked cyber attacks have increased recently amid geo-political tensions.
The National Cyber security centre (NCSC) and the Republic of Korea have issued a warning of state-linked cyber threats attacking the software supply chain from the Democratic People’s Republic of Korea (DPRK).
The NCSC and the Republic of Korea’s National Intelligence Service (NIS) have issued a joint advisory on advanced methods to attack global organisations, using highly sophisticated techniques, including leveraging zero-day vulnerabilities and third-party software, to gain access to specific targets or indiscriminate organisations via their supply chains.
The NCSC and the NIS view these supply chain attacks as aligning with and significantly contributing to the main priorities of DPRK. These priorities include generating revenue, conducting espionage, and stealing advanced technologies.
Oseloka Obiora, Chief Technology Officer at RiverSafe, commented:
“A supply chain is only as strong as its weakest link and with the latest round of state-linked threats, it is vital that cybersecurity teams are on full alert. Global supply chains are complex webs tied together by digital connections, introducing an array of vulnerabilities that need to be regularly monitored and managed. RiverSafe’s latest research highlighted that only 45 per cent of security teams have a system in place to review the cybersecurity risks posed by immediate suppliers, so it’s no wonder that malicious actors are targeting supply chains as a weak point of entry.”
“To bolster cyber defences, it’s important for security teams to have effective network visibility, through observability, monitoring the conditions of networks and infrastructure based on data outputs. This can give teams the ability to monitor the “unknowns unknowns” to better prepare for unexpected activity or technical issues within a network, especially those across distributed IT systems.”
The warning comes after the recent announcement of a new Strategic Cyber Partnership between the UK and the Republic of Korea. Signed yesterday, as part of a landmark new Accord, both nations committedly collaborated in undertaking shared cyber threats.
The advisory warns that the risk of attacks from DPRK state-linked actors is expected to rise, urging organisations to follow recommended measures for protection. This involves consulting the NCSC's supply chain security guidance, providing advice on establishing strong control and oversight of your supply chain to enhance security.
Paul Chichester, NCSC Director of Operations said:
“In an increasingly digital and interconnected world, software supply chain attacks can have profound, far-reaching consequences for impacted organisations.“Today, with our partners in the Republic of Korea, we have issued a warning about the growing threat from DPRK state-linked cyber actors carrying out such attacks with increasing sophistication.“We strongly encourage organisations to follow the mitigative actions in the advisory to improve their resilience to supply chain attacks and reduce the risk of compromise.”