Hackers of India

Software Supply Chain Cyberattack

 Samiran Ghatak 



A few months back, the Windows Defender Advanced Threat Protection (Windows Defender ATP) research team noticed security alerts that captured an interesting attack pattern.

These alerts uncovered a well-planned, finely orchestrated cyberattack that targeted several high-profile technology and financial organizations with possible intentions of a cyberespionage campaign.

An unknown attacker was taking advantage of a silent yet effective attack vector: the compromised update mechanism, or software supply chain, for a third-party editing tool. We will discuss the scenarios observed and how this vector is quite effective against larger enterprises and businesses.

I am a Security Analyst with Microsoft in the Digital Security and Risk Engineering team, with a total work experience of 8+ years dealing with Win Forensics, investigation and Security Ops.