Deconstructing Supply Chain Attacks and Infiltrating a Biohacker's Mind
Imagine your organization is under attack and the clock is ticking. But since your adversary has privileged access to every system, and can impersonate any identity in your environment, you don't even know you're being targeted. Can you find the attacker before it's too late? It's a question security leaders are grappling with in scrum meetings, board room discussions and government briefings alike.
While supply chain attacks are nothing new, SolarWinds, Codecov and other recent breaches have demonstrated what's possible in terms of attacker innovation and scale. By examining revelations from these attacks, it's clear that the compromise of identity and subsequent manipulation of privileged credentials were instrumental in their success.
Through phishing, social engineering, software vulnerabilities or other means, motivated attackers can almost always find a way to establish a foothold. Once they do, they often follow these well-established steps in the attack chain:
- Attempt to steal and abuse the identities and credentials of employees or third parties.
- Use these legitimate credentials to move laterally and vertically through the network, disguised as "authorized" users, to find high-value targets or establish persistence.
- Target privileged account credentials that provide special access to systems and escalate these privileges until they reach their target.
- Exfiltrate critical customer data, financial data or intellectual property, or threaten to shut down systems or leak sensitive data unless a ransom is received.
By embracing a Zero Trust mindset and assuming that any identity — whether human or machine — in your network may have been compromised, you can turn your attention to identifying, isolating and stopping threats before they can do harm.
Join the CyberArk talk, "Anatomy of a Breach with CyberArk Labs: Supply Chain & Privilege," to deconstruct the phases of recent supply chain attacks — from initial infection and customer targeting through privileged escalation and exfiltration.
Such attack deconstructions and threat research are helping security professionals protect against digital threats. But what happens when they come up against someone who is both the attacker and the attack vector?
What if a rogue employee on a mission to take down the company goes as far as biohacking their own body, implanting an RFID microchip that unlocks physical doors to company buildings and secretly stores and pilfers sensitive data and files? Or, potentially worse, what if someone conceals an entire Linux system beneath their skin, passes every physical and digital security check, and makes off with your most valuable corporate assets?
At Black Hat, hear from Len Noe, a self-proclaimed "cyborg" who has undergone a series of bio-implants to delve deeper into the mind of an attacker. His CyberArk talk, "Biohacking: The Invisible Threat," will explore the collision between human augmentation and cyber warfare; demonstrate how biohacking can threaten physical and digital security; and help security professionals prepare for this new frontier.