Security News > 2022 > March > How AI can fend off supply-chain attacks
These are examples of supply chain compromises that infiltrate a company's software directly, but there's another common attack vector; email.
How can you filter it from the herd of legitimate emails entering your systems? Darktrace argues that it's time for a new approach.
Whereas a traditional email scanning tool looking for an IoC match might miss an email from a supplier's account, Darktrace argues that looking for even minute deviations from normal can throw up red flags.
Attackers used a supply chain ruse to target 12 employees there with phishing emails.
Antigena scanned the content of the email and compared it to other emails that the real supplier had sent in the past.
With supply chain attackers using multiple routes into victims' systems, Darktrace argues that a multi-faceted approach to monitoring is crucial.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/03/25/ai_supply_chain_attacks/
Related news
- ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More (source)
- MINJA sneak attack poisons AI models for other chatbot users (source)
- GitHub supply chain attack spills secrets from 23,000 projects (source)
- Supply chain attack on popular GitHub Action exposes CI/CD secrets (source)
- Hackers target AI and crypto as software supply chain risks grow (source)
- Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos (source)
- New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors (source)
- GitHub Action hack likely led to another in cascading supply chain attack (source)
- GitHub Action supply chain attack exposed secrets in 218 repos (source)
- Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed (source)