Warning on SolarWinds-like supply-chain attacks: 'They're just getting bigger'
Industry hasn't 'improved much at all' Mandiant's Eric Scales tells us
Back in 2020, Eric Scales led the incident response team investigating a state-backed software supply-chain attack that compromised application build servers and led to infections at government agencies and tech giants including Microsoft and Intel.
"It was similar to a fraternity rush - the best experience I never want to do again," Scales, head of incident response at Mandiant, told The Register. "It was quite intense. Little did we know we were going to be in the middle of the supply-chain attack of the decade."
This, of course, was the SolarWinds fiasco, which has since been attributed to Russia's Cozy Bear gang. Beyond being the most high-profile supply-chain security breach to date, it also unfolded during the COVID-19 lockdown, so the IR team's war room was entirely virtual.
More than two years later, "I don't think we've improved much at all," he said, referring to the industry's position on software dependencies and securing them. "It seems that supply chain attacks are just on the rise." And these days, criminals are especially keen on attacking open source software libraries, he noted in the interview.
Still, there are valuable lessons to be learned from SolarWinds, and Scales has some good tips on how companies can protect themselves and what organizations should do if they find themselves in a similar situation.
As Scales told us: "This problem is not going away — it's just going to get bigger."