Unit 42, the Palo Alto Networks Security Consulting Group, has released new research that illustrates how supply chain security in the cloud continues its growth as an emerging threat.
Key findings from the report include:
SUPPLY CHAIN FLAWS ARE DIFFICULT TO DETECT
Unit 42 conducted a red team exercise with a large SaaS provider (a Palo Alto Networks customer who has a mature cloud security posture) and within three days discovered critical software development flaws that could have exposed the organisation to an attack similar to SolarWinds and Kaseya.
THIRD-PARTY CODE POSES A HIDDEN RISK
Based on global analysis, Unit 42 found that 63% of third-party code used in building cloud infrastructure contained insecure configurations and 96% of third-party container applications deployed in cloud infrastructure contain known vulnerabilities. If an attacker (like an APT) compromises third-party developers, it’s possible to infiltrate thousands of organisations’ cloud infrastructures.
ORGANISATIONS NEGLECTING DEVOPS SECURITY
Believing that code scanning at the end of the development lifecycle is sufficient, many organisations have a false sense of security in the cloud. This has led to development environments becoming the vector of choice for APTs. This was the case with SolarWinds.