Software supply chain threats represent a particularly nefarious issue for defenders, as it involves the compromise of a trusted third party through which the threat actor then subsequently compromises additional victims. To complicate things even more, the subsequent victims of these supply chain attacks are often unaware that they have been attacked in the first place due to the trusted nature of the relationship between the 3rd party victim and the supplier.
Accordingly, this brief will discuss CrowdStrike’s most current understanding of recent supply chain threats, including Log4j as a use case. This brief will cover the threat actors that perpetrate these attacks, their associated infrastructure and capabilities, and what organizations should be considering in order to combat these advanced threats.
Strategic Threat Advisor
Nina is CrowdStrike’s dedicated threat advisor for customers across the state, local government, education, and healthcare sectors. She helps customers maximize the utility of intelligence through their threat intelligence operations and security programs.
Product Advocacy Manager
I was the founder of the Splunk user group for the Lincoln/Omaha area, Splunk402. I have been part of the SplunkTrust since the founding. I was the 2022 Splunkie award winner for Community. I have been involved in coaching of youth sports. I have coached athletes as young as pre-kindergarten through high school students. I have helped athletes through coaching and mentoring in tee ball, baseball, wrestling, weight training, and track and field. Most recently I have been the assistant coach and defensive coordinator for a youth football team as well as a grade school soccer coach. I have been privileged to help grow my own children through sports as one of their coaches or their biggest supporter on the sidelines.