December 20, 2020

SolarWinds: Software Supply Chain Attack

Threat Type
Vulnerability
Entry Type
Security Guidance
Platform(s) Affected
Vulnerability
Security Guidance

Lookout detects app risks and ensures compliance

With the rich data from our mobile app risk assessments in the Lookout Security Graph, you are able to create app scoring customized to your organization’s governance, risk and compliance requirements. We enable you to understand how apps interact with each other, the geo-location of IP addresses to which an app communicates, if an app has risky or malicious components, and whether the data transfer and storage are encrypted.

Overview

The cyberattacks on organizations that were made possible by exploiting a vulnerability in the Solarwinds Orion product are exemplary of a software supply chain attack, in which a backdoor was created in a network management software used by 18,000 organizations. The associated malware has the ability to transfer files, execute files, profile the system, reboot the machine, and disable system services. All traffic was made to look like typical network traffic for a management tool.

Lookout Analysis

Mobile apps could be susceptible to software supply chain attacks, particularly as many of the apps used by employees are not provided or vetted by IT. The cyberattacks enabled by Solarwinds exploit highlight the need to have visibility into everything that touches your corporate infrastructure – especially from third-party vendors.

In the context of mobile, it can be difficult to understand app permissions and how they access, handle, or transfer data on the device. Admins need a way to make informed decisions about whether they permit employees to use specific apps on their devices without invading their privacy.

In addition, it is critical to ensure app updates are performed securely by verifying app certificates to validate they are signed by the same developer as previous versions. It is recommended to always test an app software update from a third-party vendor in a sandbox environment to ensure it is safe for your employees.

Lookout detects app risks and ensures compliance

With the rich data from our mobile app risk assessments in the Lookout Security Graph, you are able to create app scoring customized to your organization’s governance, risk and compliance requirements. We enable you to understand how apps interact with each other, the geo-location of IP addresses to which an app communicates, if an app has risky or malicious components, and whether the data transfer and storage are encrypted.

Colleagues standing in an open meeting area and sharing a humorous moment

Stop Cyberattacks Before They Start With Industry-Leading Threat Intelligence.

Other Related Threats

New

September 15, 2023

Scattered Spider

Scattered Spider, aka UNC3944, was able to successfully target and gain access to the infrastructure of Caesars Entertainment in its latest campaign

September 19, 2023

CVE-2023-4863

September 18, 2023

ASPL 2023-09-01 / CVE-2023-35674