Abstract
OEMs and OS vendors often ship devices preloaded with applications and services from third-party vendors. This practice poses security and privacy risks whether the device consumers are individuals or corporations. The chapter also details recent third-party compromises (e.g., the SolarWinds supply-chain attack) and gives tactical recommendations. CISOs should be given the authority and resources to ensure that all third-party application and infrastructure software updates and patches are thoroughly tested and sandboxed before they are deployed in production. All network and endpoint infrastructure should be under the direct supervision of the CISO.
References
Symantec Security Response Team (2019) ASUS software updates used for supply chain attacks. Available via Broadcom Symantec Enterprise Blogs/Threat Intelligence. https://www.symantec.com/blogs/threat-intelligence/asus-supply-chain-attack
HP Product Security Response Team (2019) HPSBGN03620 rev. 4 – HP Support Assistant Escalation of Privilege Vulnerability. Support Communication Security Bulletin. https://support.hp.com/us-en/document/c06388027
Hadar P (2019) OEM software puts multiple laptops at risk. Available via SafeBreach blog. https://safebreach.com/Post/OEM-Software-Puts-Multiple-Laptops-At-Risk
Further Reading
Cimpanu C (2020) Microsoft and industry partners seize key domain used in SolarWinds hack. Available via ZDNet. https://www.zdnet.com/article/microsoft-and-industry-partners-seize-key-domain-used-in-solarwinds-hack/
FireEye (2020) Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims with SUNBURST Backdoor. Available via FireEye Blogs: Threat Research. https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html
FireEye (2021) SUNBURST Information. https://www.fireeye.com/current-threats/sunburst-malware.html
Joint Task Force (2020) NIST Special Publication 800-53 Revision 5: Security and Privacy Controls for Information Systems and Organizations. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf
Boyens J, Moorthy R et al (2015) NIST Special Publication 800-161: Supply Chain Risk Management Practices for Federal Information Systems and Organizations. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161.pdf
Krebs B (2020) Malicious Domain in SolarWinds Hack Turned into ‘Killswitch.’ Available via KrebsOnSecurity. https://krebsonsecurity.com/2020/12/malicious-domain-in-solarwinds-hack-turned-into-killswitch/
Microsoft 365 Defender Team (2020) Using Microsoft 365 Defender to protect against Solorigate. https://www.microsoft.com/security/blog/2020/12/28/using-microsoft-365-defender-to-coordinate-protection-against-solorigate/
Rashid FY (2020) Stopping SolarWinds Backdoor with a Killswitch. Available via Decipher. https://duo.com/decipher/stopping-solarwinds-backdoor-with-a-killswitch
Reiner S (2020) Golden SAML Revisited: The Solorigate Connection. Available via Cyberark Threat Research Blog. https://www.cyberark.com/resources/threat-research-blog/golden-saml-revisited-the-solorigate-connection
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
Badhwar, R. (2021). OEM and Third-Party Sourced Application and Services Risk. In: The CISO’s Next Frontier. Springer, Cham. https://doi.org/10.1007/978-3-030-75354-2_41
DOI: https://doi.org/10.1007/978-3-030-75354-2_41
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-75353-5
Online ISBN: 978-3-030-75354-2