Three Steps Toward Securing Software Supply Chains
Code is the foundation for every piece of technology, from smartphones to industrial robots to the networks that connect them. That also makes it the foundation for every application, business process and services that uses those technologies. Hackers recognize this fact and leverage it. A recent, high-profile example is the attack on FireEye that used multiple trojanized updates to SolarWind’s Orion software. By targeting software providers, the hackers were able to install back doors into companies that, in turn, enabled them to reach their intended targets: the government agencies that received services from those companies.
Read more here.