Published on January 3, 2023
By Harish Kumar GS, Head, Enterprise & Government, Check Point Software Technologies, India & SAARC
As digital transformation has accelerated over the past few years, the urgent need for remotely administered, agile, and scalable networks has driven moves to the cloud, which allows flexibility in scale and resource management while enabling accessibility from anywhere. The dynamic nature of cloud-based infrastructure breaks traditional network boundaries but also introduces a variety of new challenges, making traditional security approaches ineffective.
While cloud infrastructure continues to be adopted by more organizations, businesses are not the only ones who have recognized the potential of the cloud. In recent years, there has been an unprecedented rise in the scale and sophistication of software supply chain attacks. From the SolarWinds software supply-chain attack to the exposed Apache Log4j vulnerability, threat actors have trained their sights on this space, targeting critical vulnerabilities in both cloud providers and supply chains.
Cloud computing itself has seen multiple vulnerabilities in recent times. According to the Check Point 2022 Cloud Security Report, as organizations continue to adopt the cloud, with 35% running more than 50% of their workloads on the likes of Azure, AWS and GCP, they struggle to manage the complexity of securing their cloud infrastructures across multiple cloud platforms, while also suffering a cyber-skills and knowledge shortage.
The global report, based on a survey of 775 cyber security professionals, also revealed that cloud security incidents were up 10% from the previous year, with 27% of organizations now citing misconfiguration, way ahead of issues like exposed data or account compromise. Here in India, according to the Check Point Threat Intelligence Report, an organization has been attacked on average 1798 times per week over the last 6 months, compared to 1126 attacks per organization globally, a worrying trend of increased cyberattacks.
As this has evolved, it seems, cybercriminals have taken supply chain attacks to the cloud arena. We saw evidence of this in March when the notorious ransomware gang Lapsus$ released a statement claiming to have gained access to Okta, an identity management platform, by obtaining access to an administrative account. Okta is cloud-based software used by thousands of companies to manage and secure user authentication processes. It is also used by developers to build identity controls. This means that hundreds of thousands of users worldwide could have been compromised by the Lapsus$ attack.
Exactly how many, however, is open to discussion. The hackers themselves claimed to have gained access to 95% of Okta’s clients, while Okta suggested just 2.5% of user details were compromised. Either way, the incident should serve as a warning sign for the potential risks posed by supply chain attacks.
What puts a supply chain at risk?
The industry has seen an increasing number of cyber-attacks that leverage weak supply chain methodologies. Currently, the most prominent supply chain risk that organizations are exposed to comes from open-source software. The open-source community provides many modules and packages that are regularly adopted by businesses across the world, including those within your supply chain.
The problem with open-source, however, is that it is inherently insecure. That is in part because it is written by individuals who may lack the expertise or budget to make it completely safe. The other issue with open-source code comes down to ownership. After all, once a package is released to the community, it is impossible to determine who owns it and who is responsible for maintaining it.
This creates a chink in your security architecture because the open-source packages that you import may have dependencies that you are simply not aware of. That is exactly what happened with NotPetya: an evolution of a pretty standard string of malware, NotPetya managed to infiltrate systems across the globe by relying on a piece of widely used open-source accounting software. This meant that it spread like wildfire, causing chaos in Ukraine as well as several major countries, including the U.K., France, Germany, Russia and the U.S.
The ubiquity of open-source software and code means that it can be hard for organizations to know if either they or their suppliers are vulnerable to this kind of attack. This makes supply chains an attractive target for cybercriminals who will invest time and resources into these attacks on the understanding that by breaching one system, they can quickly access many more.
How can you prevent potential attacks?
With the sheer velocity of malware and ransomware variants, the widespread growth of enterprise connected and personal devices, and the hybrid work model, it is nearly impossible for traditional human-created models to provide holistic and up-to-date security that would detect threats such as the Apache Log4j vulnerability exploit and supply chain attacks.
Check Point Software proposes the need for broad and deep multi-layer security to protect customers at all stages of their cloud journey. At Check Point, through a unified platform, Check Point CloudGuard, we offer a broad range of different cloud security capabilities, so that organizations can minimize inefficiencies and maximize TCO when using different cloud providers. Organizations should consider a cybersecurity approach that focuses on threat prevention and provides 360-degree visibility of their entire network, regardless of how far and wide it has been distributed.