Teaming up with... AVIVA

Welcome to the UKGI weekly regulation update service for Aviva ABC brokers

We hope you find the Updates useful. If you are
interested in subscribing to our affordable
ABC compliance support package, please
email us at ABC@ukgigroup.com or
call UKGI on our dedicated ABC
contact line 01925 767893.

UK and Republic of Korea issue warning about DPRK state-linked cyber actors attacking software supply chains

Nov 24, 2023 | NCSC

Link(s):UK and Republic of Korea issue warning about DPRK… – NCSC.GOV.UK

Context

The UK and the Republic of Korea have both warned that cyber actors linked to the Democratic People’s Republic of Korea (DPRK – North Korea) are increasingly targeting software supply chain products to attack organisations around the world.

Key points to note

In a new joint advisory, the National Cyber Security Centre (NCSC) – a part of GCHQ – and the National Intelligence Service (NIS) have detailed how DPRK state-linked cyber actors have been using increasingly sophisticated techniques to gain access to victims’ systems.  The actors have been observed leveraging zero-day vulnerabilities and exploits in third-party software to gain access to specific targets or indiscriminate organisations via their supply chains.  The NCSC and the NIS consider these supply chain attacks to align and considerably help fulfil wider DPRK-state priorities, including revenue generation, espionage and the theft of advanced technologies.

The advisory provides technical details about the malicious activity, case studies of recent attacks emanating from the DPRK and advice on how organisations can mitigate supply chain compromises.

Paul Chichester, NCSC Director of Operations

“In an increasingly digital and interconnected world, software supply chain attacks can have profound, far-reaching consequences for impacted organisations…We strongly encourage organisations to follow the mitigative actions in the advisory to improve their resilience to supply chain attacks and reduce the risk of compromise.”

Software supply chain cyber-attacks pose a significant threat as they can affect a number of organisations via one initial compromise and can lead to onward attacks, resulting in disruption or ransomware being deployed.  They can also be harder for network defenders to detect, as the actors are using legitimate software and hardware to enable the attack.

The advisory warns that the threat from these attacks is likely to increase and so organisations should follow the recommended actions to take to protect themselves.  This includes referring to the NCSC’s supply chain security guidance for advice on how to establish effective control and oversight of your supply chain.

Next actions

None – for information and awareness.