Excerpt from the Hakin9 Car Hacking product page, via the Internet Archive (28 Feb 2022). Copyright Hakin9. Purchase the full issue from Hakin9.
Five Steps to Addressing Supply Chain Vulnerabilities
Nir Yehoshua
Supply chain attacks (also known as third-party attacks) occur because of problems introduced by the use of a third-party product or service. For example, if a company uses a third-party open source library, attackers can perform vulnerability research on that library more easily, because its source code is available, whereas their access to the code of the full product varies. Once they find vulnerabilities in the library, the attackers can exploit them in the product that uses it, in some cases harming the company or its reputation, or gaining remote access and stealing sensitive data. So how can this be dealt with? The key lies in managing the supply chain, and we present five steps that can be taken to maximize peace of mind regarding your product security.