Chronicle of the Supply Chain Attack and Two Attack Strategies

Posted on in Presentations

The attacker group involved in ASUS incident is actively targeting companies in specific countries as well as global companies. KrCERT analyzed various supply chain attacks targeting Korean companies, and confirmed artifacts, malware code similarities. In addition, the team identified two strategies for supply chain attack (SW development environment penetration, update server penetration).
Byeongjae Kim


Malware General Researcher, Korea Internet and Security Agency (KISA)

Protecting Data & the Supply Chain Ecosystem Hackers & Threats

threat intelligence infrastructure security incident response endpoint security anti-malware



Share With Your Community