Three ways to mitigate AI-based supply chain attacks

Our adversaries view the software supply chain as a powerful go-to attack vector. Threat actors target build environments, software and cloud suppliers, and others in enterprise ecosystems because inserting one piece of malicious software into the provider’s system increases the potential impact.

Now, with the fast adoption of AI by threat actors, we see the dawn of the Golden Supply Chain Attack era. 

The attack landscape has already been littered with supply chain victims. A new study reveals that 100% of AppSec professionals worldwide reported experiencing a software supply chain attack in the past, with two-thirds impacted in the past two years. 

While it’s hard to detect use of AI tools in the wild, there’s a growing number of supply chain attacks where such tools could increase the speed at which attackers operate and scale their ability to conduct campaigns. Here are some recent examples: 

Companies may have different security posture maturity levels, but they all have software dependencies that put them at risk. Targeting a global bank takes more work than targeting its weakest third-party supplier, and doing so can increase the number of potential victims. Companies can typically manage their direct partnerships, but they have no visibility beyond the first line of trust.

Take cloud service providers. They depend heavily on third parties. Microsoft in 2020 admitted to having more than 10,000 such dependencies. Given a cloud provider’s large number of customers, a supply chain attack could affect millions.  

These cloud dependencies present blind spots for CISOs and other security leaders. The CISO of a large global bank will most likely have taken measures to shield the company from cyber and physical threats — if not, they’ll probably be looking for a new job soon. It’s common for a bank to base its infrastructure and CI/CD pipeline on one of the big cloud providers, among other third parties.

But if there’s an attack against a big cloud provider, there’s a good chance the bank was protected with a multi-cloud strategy and production workloads could get migrated to another cloud service. However, if one of their other third-party providers, like a data observability platform, is a customer of the cloud provider that was attacked, they could get compromised as well. This puts the bank at risk and the CISO may not know it.

When AI gets included in the threat actor’s arsenal, attacks become automated and happen more quickly. That puts blue teams, who still have to manually find and eject rogue malware and threat actors, at an even greater disadvantage than they are now. AI lets adversaries move faster, map dependencies and redundancy levels, and revive activities that may have been shut down, particularly where there are open source dependencies.

The U.S. government and industry are trying to address the problem with Software Bill of Materials (SBOM) guidance, and the Vulnerability Exploitability Exchange (VEX), but most companies have yet to implement them.

One reason for the slow adoption: there’s often a high rate of “false positives” that aren’t exploitable. That’s because an SBOM specifies a high-level component, but not a specific module within the component. VEX aims to improve that by adding the exploitability factor into the equation when evaluating CVEs and software components. 
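To make the false-positive point concrete, here is an added example (not from the article or from any tool it mentions) that triages scanner findings derived from an SBOM against supplier VEX statements. The package names, placeholder CVE ids, simplified field names and the suppression policy are all assumptions of this sketch; the status and justification labels follow OpenVEX naming.

```python
from collections import defaultdict

# Added example. All identifiers below are constructed placeholders.
JUSTIFIED = {  # justification labels as named in OpenVEX; accepting them is this sketch's policy
    "component_not_present", "vulnerable_code_not_present",
    "vulnerable_code_not_in_execute_path",
    "vulnerable_code_cannot_be_controlled_by_adversary",
    "inline_mitigations_already_exist",
}
LIB, PKG = "pkg:pypi/examplelib@1.2.0", "pkg:npm/samplepkg@4.0.1"

# Constructed scanner output: (SBOM component, vulnerability id).
FINDINGS = [(LIB, "CVE-0000-0001"), (LIB, "CVE-0000-0002"),
            (PKG, "CVE-0000-0003"), (PKG, "CVE-0000-0004"), (PKG, "CVE-0000-0005")]

# Constructed supplier VEX statements; field names simplified for this example.
VEX = [
    {"product": LIB, "vuln": "CVE-0000-0001", "status": "under_investigation",
     "ts": "2024-01-05T00:00:00Z"},
    {"product": LIB, "vuln": "CVE-0000-0001", "status": "not_affected",
     "justification": "vulnerable_code_not_in_execute_path", "ts": "2024-01-20T00:00:00Z"},
    {"product": LIB, "vuln": "CVE-0000-0002", "status": "affected", "ts": "2024-01-20T00:00:00Z"},
    # not_affected with no justification: an unexplained claim, so it is not trusted below
    {"product": PKG, "vuln": "CVE-0000-0003", "status": "not_affected", "ts": "2024-01-21T00:00:00Z"},
    {"product": PKG, "vuln": "CVE-0000-0004", "status": "under_investigation",
     "ts": "2024-01-22T00:00:00Z"},
]  # CVE-0000-0005 has no statement at all

def triage(findings, statements):
    """Split findings into suppressed / pending / actionable using the newest VEX statement."""
    latest = {}
    for s in statements:  # same-format UTC ISO timestamps sort correctly as strings
        key = (s["product"], s["vuln"])
        if key not in latest or s["ts"] > latest[key]["ts"]:
            latest[key] = s
    out = defaultdict(list)
    for key in findings:
        s = latest.get(key)
        status = s["status"] if s else None
        if status == "fixed" or (status == "not_affected" and s.get("justification") in JUSTIFIED):
            out["suppressed"].append(key)   # documented as not exploitable in this product
        elif status == "under_investigation":
            out["pending"].append(key)      # supplier has not decided yet; keep watching
        else:  # affected, unjustified not_affected, unknown status, or no statement
            out["actionable"].append(key)
    return dict(out)

if __name__ == "__main__":
    for bucket, items in triage(FINDINGS, VEX).items():
        print(bucket, [vuln for _, vuln in items])
```
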

Until those issues are resolved and the tools are fully implemented, organizations need to manage their third-party dependency risks carefully. Here are three tips:

  • Limit third-party privileges to the bare minimum: Follow the least privilege principle, and proactively set the proper observability measures.
  • Leverage MITRE ATT&CK: Use the MITRE ATT&CK matrix for faster identification and mitigation since most recent supply chain attacks involved known TTPs.
  • Improve analysis and testing: To safeguard the CI/CD pipeline, companies should use software composition analysis and static and dynamic application security testing, as well as raw code analysis tools to detect unsanctioned or malicious changes to the software.

AI will significantly change the dynamics and scope of supply chain attacks, allowing for speedier and more precise compromises and the ability to reach a wider pool of victims, with higher persistence and more prolonged presence in the target network. Security teams really must adjust to this new reality.  

Lior Yakim, threat researcher, CyberArk Labs
