The Malware Supply Chain: Malicious Attacks Take on a Corporate Edge

By the DynaSis Team

In late 2013, Internet security firm Fireeye released some disturbing news. Their research had uncovered evidence that a string of sophisticated, seemingly unrelated malware attacks had a common origin. Fireeye referred to the effort as a “broader offensive fueled by a shared development and logistics infrastructure.” In other words, multiple criminal entities and operations were working together, pooling and sharing resources and logistics to make it easier and more efficient to develop and launch highly sophisticated but distinctly separate attacks.

Fireeye dubbed the large operation, which provided the framework and resources for at least 11 separate malware campaigns, the Sunshop Campaign. All 11 of the attacks were built on the same infrastructure of malicious services and applications, including shared malware tools, code, timestamps and digital certificates. This “malware supply chain” supported a centralized planning and development effort, operating in much the same way as a large manufacturing facility―or a multi-player, organized crime ring.

The idea of advanced, highly organized and well-funded groups working together to make their efforts even more streamlined and effective should cause any IT security expert to shudder. It certainly got our attention here at DynaSis.

Malware attacks being masterminded by criminal organizations is nothing new, but security experts have always assumed most of them worked largely in isolation. The fact that they have decided to team up, sharing their best minds and practices to achieve an even more deadly and ruthless result, is positively horrifying.

It’s one of the reasons DynaSis has been emphasizing the importance of cyber security so much and so often, of late. It’s also one of the reasons we launched our enhanced anti-malware and spyware service earlier this year. This state-of-the-art anti-malware/spyware solution not only roots out and blocks known menaces but also works to identify “zero day” attacks― assaults that exploit unknown vulnerabilities in computer applications before researchers identify and write code to plug them.

It’s exactly the type of protection everyone is going to need in the brave new world where malware “factories” with sophisticated supply chains may well become the norm. To learn more about the current malware landscape and why we are so concerned about it, or to explore the specifics of our new malware service, fill out our inquiry form or give us a call.