Securing Your Digital Supply Chain
Dealing with detection blindspots
Supply chain attacks are some of the most difficult cyber threats to guard against because they exploit the relationship between vendors and customers, often leveraging machine-to-machine communication channels that are trusted by users. As demonstrated by the SolarWinds hack, these attacks can extend far beyond the initial target and may go undetected for a prolonged period of time. At Hunt & Hackett, we believe that being aware of the integrations and dependencies in your digital supply chain is the first step to securing it. This information can be used to develop tailored detection logic, specific to your organisation's individual supply chain and threat landscape. With that logic in place, detecting sophisticated supply chain attacks becomes less of a pipe dream and more of a reality.
Interested in learning more about how you can secure your digital supply chain? Sign up for this exclusive roundtable, which will bring together business leaders and cybersecurity experts to discuss how detection engineering can safeguard organisations from novel attack techniques.
- 15:00 – 15:30
- 15:30 – 16:00
Mattijs Dijkstra, Senior Incident Handler at Hunt & Hackett, will explain the importance of detection engineering and developing behavioural detection logic in order to mitigate the threats posed by supply chain attacks.
- 16:00 – 17:00
Event host, Marcel van Oirschot, will lead a group discussion on the topic.
- 17:00 – 17:30
We will conclude with some key takeaways and recommendations from Hunt & Hackett's security experts.
- 17:30 – 18:00
Detecting targeted attacks
The 'Detect the Undetectable' paradox
To reduce your business risk as an organization, it is vital to understand your threat landscape and what it requires from your security monitoring solution in terms of detection data sources, detection logic and detection technology. To address the 'detect the undetectable' paradox, this article will substantiate the importance of detection engineering and of developing behavioral detection logic for organizations that may have to deal with sophisticated attacks. This approach to detection is demonstrated through a case study of the SolarWinds attack that took place in 2020, as it is one of the most significant recent breaches.
The MITRE ATT&CK framework provides an important piece of the puzzle with regard to developing detection logic. Once you have mapped out your threat landscape, you can translate it into a MITRE ATT&CK coverage map to see where your detection logic provides coverage. However, MITRE ATT&CK comes with a blind spot, as it is about observed threats. So, what about the unknown threats? This is where the threat lifecycle comes into play, giving insight into the different stages a threat might be in and what this means for detecting it. In the end, it will be difficult to detect something that is both unknown and not covered by detection logic, yet it is vital to protect an organization against sophisticated targeted attacks. In other words, this is the 'detect the undetectable' paradox faced by organizations with a high-risk profile.
Interested in learning more? Read our whitepaper at the link below.