The UK's National Cyber Security Centre (NCSC) in concert with Republic of Korea's National Intelligence Service (NIS) has issued a stark warning regarding state-linked cyber threats attacking software supply chains originating from the Democratic People's Republic of Korea (DPRK).
These state-backed cyber-attacks employ a host of advanced methods to infiltrate global organisations, leveraging zero-day vulnerabilities and third-party software to either access specific targets or indiscriminate organisations via their supply chains.
The NCSC and the NIS observe the alignment of these supply chain attacks with the DPRK's main priorities, which consist of revenue generation, espionage activities, and theft of advanced technologies. The advisory also projected a surge in risk of attack from DPRK state-linked actors and urged organisations to adhere to recommended preventive measures.
Oseloka Obiora, Chief Technology Officer at RiverSafe, highlighted the importance of robust cybersecurity amidst such threats. He stated, "A supply chain is only as strong as its weakest link and with the latest round of state-linked threats, it is vital that cybersecurity teams are on full alert. Global supply chains are complex webs tied together by digital connections, introducing an array of vulnerabilities that need to be regularly monitored and managed."
He stressed on the escalating threats to supply chains, and revealed that only "45 per cent of security teams have a system in place to review the cybersecurity risks posed by immediate suppliers." This underlines the attraction for malicious players to target supply chains as an easy point of entry.
Obiora underlined the essential role of wide-ranging network visibility, achieved through observability, indicating that this could empower teams to anticipate unexpected network activity or technical issues. This, he claimed, "can give teams the ability to monitor the 'unknowns unknowns' to better prepare for unexpected activity or technical issues within a network, especially those across distributed IT systems."
This warning from NCSC and NIS arrives shortly after the announcement of a new strategic cyber Partnership between the UK and the Republic of Korea. Both nations have pledged to work collectively on mitigating shared cyber threats under a new Accord signed recently.
The guidance put out by the NCSC urged entities to improve their resilience to supply chain attacks and curtail the risk of compromise. Paul Chichester, NCSC Director of Operations, said: “In an increasingly digital and interconnected world, software supply chain attacks can have profound, far-reaching consequences for impacted organisations. Today, with our partners in the Republic of Korea, we have issued a warning about the growing threat from DPRK state-linked cyber actors carrying out such attacks with increasing sophistication."