an article by Verena Eichinger, Amelie Kassner and Elisa Zeller