Background
With the rise of AI technologies and their increasing use by threat actors, today's IT security organizations face an increasing variety and volume of sophisticated cyber attacks. Among the critical attack surfaces they must defend are software supply chains, the complex, distributed, and interdependent application development ecosystems utilized to fabricate digital products in much the same way manufacturers utilize traditional supply chains to fabricate physical products. Today's challenging software supply chain security landscape resembles what a human soccer team would face if their opponents were allowed to use robots specially built to exploit their weaknesses. Given that “every business is a software business,” organizations cannot just take their ball and go home - they must put in the work to improve and compete to win on this field.
The first post in this series described the evolution of the software supply chain threat landscape as AI technologies are increasingly utilized for attacks, especially in key vulnerable areas. These AI technologies range from well-established Machine Learning (ML) to newer Generative AI and even custom Large Language Models (LLM’s) and Small Language Models (SLM’s). That post also introduced Cyberify’s simple formula for framing AI security discussions: Security From AI, Security Of AI, and Security With AI. This analysis will extend the examination of software supply chain security risks From AI attacks to include defense and mitigation approaches.
In the previous post, we reviewed the widely exploited and publicized Log4J vulnerability as an example of the risks inherent to software supply chains. Just in the last week, another successful attack on a software supply chain came to light. The Rackspace / ScienceLogic breach followed a familiar pattern, as a 0-day vulnerability in ScienceLogic's application stack deployed in Rackspace environments became an attack vector for a successful exploit. The attackers were able to access a variety of internal Rackspace monitoring data, including customer information such as account names, numbers, usernames, IP addresses, and encrypted Rackspace device agent credentials.
While there is yet no direct evidence that AI technologies were leveraged in these attacks, the trend of increasing software supply chain risk is expected to continue, at least partly due to the proliferation of AI technologies. What steps can organizations take to mitigate these risks? We will examine some of Cyberify's recommended approaches below.
Core Mitigation Approaches: Fundamentals (Still) Matter
At first, focusing on cybersecurity fundamentals in the face of a rapidly evolving threat landscape may seem counterintuitive or even misinformed. However, strongly competitive environments consistently show that teams and organizations that excel in executing fundamental skills have the best chance for consistent success. As the dad of a soccer goalkeeper, while I’m thrilled when my son makes a fantastic save, most of the time it’s only needed because of a breakdown in his team’s basic marking and tackling. For an IT security organization, the fewer “saves” that have to be made when protecting software supply chains, the better. While adding new skills and techniques can be critical, building organizational “muscle memory” for foundational cybersecurity capabilities is just as important, if not more so. Some of these key foundational capabilities are detailed below.
One foundational understanding is that enhanced verification processes following zero-trust principles are crucial. These processes include implementing strong code signing practices, utilizing hardware security modules (HSMs) for key storage, enforcing multi-party signing approval, and regularly rotating signing keys. Cyberify highly recommends signature verification at multiple points in every pipeline. Additionally, automated dependency scanning should be a priority, incorporating automated SBOM (Software Bill of Materials) generation, continuous vulnerability scanning of dependencies, automated alerts for suspicious changes, and strict version pinning for all dependencies.
Organizations should maintain their cyber incident response plans, focusing on robust data incident response and recovery capabilities specifically designed for AI-powered data exfiltration and ransomware. This includes establishing AI-enhanced security information and event management (SIEM) systems that can correlate multiple subtle indicators of exfiltration, developing playbooks for responding to AI-powered attacks, and implementing automated response capabilities that can quickly isolate and investigate suspected exfiltration or ransomware attempts.
Pipeline hardening is another critical aspect, focusing on two main areas: immutable infrastructure and secure CI/CD practices. For immutable infrastructure, we advocate using containerization with signed and verified images, implementing infrastructure as code with version control, and ensuring reproducible builds. When it comes to secure CI/CD practices, isolating build environments, using ephemeral build systems, implementing detailed logging and audit trails, and enforcing separation of duties in pipeline stages are some of our most critical recommendations.
Third-party cyber risk management (TPRM / TPCRM) integration with cybersecurity programs generally, and software supply chain protection specifically, is also highly important. Implementing vendor risk assessment processes, requiring security attestations from suppliers, conducting regular audits of third-party components, and maintaining an up-to-date inventory of all third-party software are vital aspects of a comprehensive TPRM approach for software supply chains.
Finally, endpoint hardening remains a critical component of any malware defense strategy. Advanced endpoint protection should include next-generation endpoint detection and response (EDR), application whitelisting, hardware-based security features, and endpoint isolation capabilities. System integrity verification is equally important, implementing secure boot mechanisms, trusted platform modules (TPM), and continuous system integrity checking.
Winning in the New Software Supply Chain Security Landscape
We've examined some of the fundamental approaches and best practices for mitigating AI-enhanced attacks on software supply chains, emulating winning soccer teams by building strength in core skills. However, while those core security capabilities are essential, by themselves they aren't sufficient to combat the full range of AI-enhanced threats. We will examine advanced mitigation capabilities for specific attack vectors in Part 3 of this series. Finally, If you'd like to discuss Cyberify's perspectives on AI and software supply chain security in more depth, book a time to chat!
Commentaires