Many recent cyber attacks on enterprise involved penetrating into their product build infrastructure. The motive here is either to stole code signing certificates or to access source code. Build machines are the hot spots which either holds source code, certificates or it will be having access to machines which are hosting source code or certificates. In the recent attacks, the certificates are stolen from these machines and they used it to sign their own malware with well known enterprise certificates. They may lure some other customers to install their malware. Customers believe it as a genuine software, since it is signed by branded enterprise.
Hence build infrastructure, code signing environments are the critical resources of the organization which needs to be guarded with utmost care to prevent these advanced threats. The build engineers, release engineers needs to be proactive and adapt to these challenging scenarios and contribute in prevention of these advanced threats.
A lethargic build/release engineer may become hackers bunny. Any successful attack with certificates will bring down that enterprise trust in the industry.
Refer below stories which describes how they got attacked.
Adobe: http://blogs.adobe.com/asset/2012/09/inappropriate-use-of-adobe-code-signing-certificate.html
Bit9: https://blog.bit9.com/2013/02/08/bit9-and-our-customers-security/
RSA: http://blogs.rsa.com/anatomy-of-an-attack/
http://krebsonsecurity.com/2011/05/advanced-persistent-tweets-zero-day-in-140-characters/
https://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-malware/
Hence build infrastructure, code signing environments are the critical resources of the organization which needs to be guarded with utmost care to prevent these advanced threats. The build engineers, release engineers needs to be proactive and adapt to these challenging scenarios and contribute in prevention of these advanced threats.
A lethargic build/release engineer may become hackers bunny. Any successful attack with certificates will bring down that enterprise trust in the industry.
Refer below stories which describes how they got attacked.
Adobe: http://blogs.adobe.com/asset/2012/09/inappropriate-use-of-adobe-code-signing-certificate.html
Bit9: https://blog.bit9.com/2013/02/08/bit9-and-our-customers-security/
RSA: http://blogs.rsa.com/anatomy-of-an-attack/
http://krebsonsecurity.com/2011/05/advanced-persistent-tweets-zero-day-in-140-characters/
https://krebsonsecurity.com/2013/02/security-firm-bit9-hacked-used-to-spread-malware/
0 comments:
Post a Comment