供应链攻击时攻击者针对供应链发起的网络攻击,并通过供应链将攻击延伸至相关的合作伙伴和企业用户。
例如,某著名信息系统管理和网络监控软件开发公司的相关产品遭到供应链攻击事件被纰漏,引发全球关注。该公司遭到APT组织发动的供应链攻击,所属平台软件的安装包被植入后门,使用该软件的客户均存在被入侵的风险。该软件是一个针对网络设备提供实时检测和分析的管理平台软件,客户主要包括政府、军事、教育等重要机构和国际知名企业。
英文翻译:
A supply chain attack is a network attack launched by an attacker against the supply chain, and extends the attack through the supply chain to relevant partners and enterprise users.
For example, a well-known information system management and network monitoring software development company’s related products were compromised by supply chain attacks, causing global concern. The company suffered a supply chain attack launched by APT group, and the installation package of the platform software was implanted with a backdoor, and customers using the software were at risk of being hacked. The software is a management platform software that provides real-time detection and analysis for network equipment, and its customers mainly include important institutions such as government, military, education and international well-known enterprises.
本文由数字化转型网(www.szhzxw.cn)转载而成,来源于网络;编辑/翻译:数字化转型网默然。
