Intelligent CIO North America Issue 12 | Page 76

t cht lk

t cht lk

Despite training and widespread warnings against spam , users continue to open suspicious emails .
from on-premises to the cloud . With new points of administration and management , plus a new front-end configuration , come increased opportunities for error and a potential data breach .
The CI / CD pipeline is under assault
There has been considerable coverage and research into the SolarWinds breach . CISA ’ s analysis of the attack on SolarWinds concluded that the threat actors added a malicious version of the binary SolarWinds . Orion . Core . BusinessLayer . dll into the SolarWinds software lifecycle .
This version was then digitally signed by a legitimate SolarWinds code signing certificate . The malicious code became trusted once it was digitally signed , defeating the purpose of code signing : providing reassurance to users that the code an organization distributes can be trusted .
Crafting a strategy to breach a software provider ’ s most secured continuous integration / continuous delivery ( CI / CD ) pipeline means threat actors are aiming for the heart of cyberdefenses .
By successfully breaching the CI / CD pipeline , threat actors would assume a mantle of trust and are capable , virtually unhindered , of using an organization ’ s trusted reputation to distribute malware across its user base , potentially enabling serious and widespread damage .
Remote work environments
With many organizations allowing users to utilize home broadband connections for work use , the corporate attack surface has grown substantially , with sensitive data being strewn and exposed everywhere . None of this has changed in Q1 2021 .
76 INTELLIGENTCIO NORTH AMERICA www . intelligentcio . com