Overview
Explore a comprehensive analysis of supply chain attacks targeting Taiwan's financial sector in this 45-minute SANS DFIR Summit 2024 presentation. Delve into two significant incident cases from 2023, examining how threat actors exploited MDM platforms, JIRA ticket systems, and VPN channels to infiltrate internal networks. Learn about new Tactics, Techniques, and Procedures (TTPs) involving JIRA abuse and the concept of Malware-Free Attacks. Investigate a four-month-long island-hopping attack that impacted three subsidiaries within a financial group. Discover how researchers uncovered C2 information, leading to the identification of data leakage and additional victims. Gain insights into the potential threats enterprises face through supply chain vulnerabilities, and explore a comprehensive map of supply chain channels abused by threat actors. Benefit from the expertise of speakers Alian Wang, Detection & Response Analyst at CyCraft Technology Corp, and Chung-Kuan Chen, Security Research Director at CyCraft Technology Corp, as they share their findings and recommendations for protecting against these sophisticated cyber threats.
Syllabus
Ghost in Your Supply Chain
Taught by
SANS Digital Forensics and Incident Response