Data security depends on a secure software-development supply chain – VentureBeat

Posted by Security Systems

As 2020 finally came to an end and 2021 began, The New York Times reported that Russia used SolarWinds’ hacked program to infiltrate at least 18,000 government and private networks. As a result, it is presumed that the data within these networks (user IDs, passwords, financial records, source code) is in the hands of Russian intelligence agents. While the media has written numerous stories about the effects of the breach, there has been a noticeable lack of discussion of the type of attack that was perpetrated: a supply-chain hack. This article describes the nature of this type of attack in more detail, along with some proposed best practices for supply-chain security to thwart nefarious incidents in the future. Finally, we’ll explore whether the open source community (which is designed to be transparent and collaborative) can provide some guidance

