Security News > 2022 > March > How AI can fend off supply-chain attacks
These are examples of supply chain compromises that infiltrate a company's software directly, but there's another common attack vector; email.
How can you filter it from the herd of legitimate emails entering your systems? Darktrace argues that it's time for a new approach.
Whereas a traditional email scanning tool looking for an IoC match might miss an email from a supplier's account, Darktrace argues that looking for even minute deviations from normal can throw up red flags.
Attackers used a supply chain ruse to target 12 employees there with phishing emails.
Antigena scanned the content of the email and compared it to other emails that the real supplier had sent in the past.
With supply chain attackers using multiple routes into victims' systems, Darktrace argues that a multi-faceted approach to monitoring is crucial.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/03/25/ai_supply_chain_attacks/
Related news
- ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More (source)
- North Korea targets crypto developers via NPM supply chain attack (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks (source)
- How New AI Agents Will Transform Credential Stuffing Attacks (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access (source)
- MINJA sneak attack poisons AI models for other chatbot users (source)
- GitHub supply chain attack spills secrets from 23,000 projects (source)
- Supply chain attack on popular GitHub Action exposes CI/CD secrets (source)