As we suggested in the SAS 2021 announcement, the ‘Time to Make the Donuts’ presentation isn’t about actual doughnuts. It is about a much more interesting and complicated topic – supply-chain attacks.
What is a supply-chain attack? Why do cybercriminals choose this type of attack? What are the typical tactics and processes of supply-chain attacks? Kurt Baumgartner of Kaspersky GReAT has prepared a smart overview of major attacks of 2021 and recent years. On the menu there are both famous names, like SolarWinds/Sunburst, ExPetr and Shadowpad, and less known ones, such as MonPass/BountyGlad.