Design-Level Supply Chain Attacks in the Real World

Explore the often overlooked realm of design-level supply chain attacks in this 52-minute conference talk from LASCON. Delve into the modern perspective on supply chain vulnerabilities, focusing on the critical design step that is frequently missed. Learn about three fundamental types of design-originated supply chain attacks, each diagnosed for intent, real-world examples, and remediation strategies. Understand the devastating impact of design-originated attacks on cybersecurity, which can lead to obfuscated, persistent, and hard-to-detect vulnerabilities. Discover how environmental constraints, compatibility and legal requirements, and malicious influencers can compromise security at the design level. Gain valuable insights into minimizing risks through architecture security reviews, shift-left approaches, awareness of standards and regulations, and diversification of decision-making processes. Equip yourself with the knowledge to defend against these blind spots in supply chain security and improve your organization's overall cybersecurity posture.