Mitigating disasters through supply chain security
Felicitas Pojtinger
2022-01-06
Topic: The “Solarwinds” attack and farm-to-table methods in the development process - Mitigating disasters through supply-chain security
SolarWinds.Orion.Core.BusinessLayer.dll is a signed component of Orion which communicates with external servers using HTTP (avsvmcloud.com), which will return a command and control domain through the CNAME record.

.po files, not the application source code

STDOUT, STDERR, return value etc.

DELETE rule is missing. Can be mitigated by requiring multiple parties to do the job, thus requiring the breach to happen on multiple hosts.

apt-transport for in-toto is used to provide attestations of the resulting builds using link metadata

k out of n rebuilders and the Debian build farm

k out of n rebuilders, which the client can verify
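The k-out-of-n rebuilder check described above, as an added Python example that is not from the talk, in-toto or apt-transport-in-toto: each rebuilder's link metadata is modelled as a small JSON record with an HMAC standing in for the in-toto signature (an assumption, as are the rebuilder names and the package bytes), and the client accepts a downloaded package only if at least k distinct trusted rebuilders attest its hash, so a single breached build host cannot get a tampered build past the threshold.

```python
import hashlib
import hmac
import json

# Constructed trust store: the rebuilders the client accepts, keyed by name.
# An HMAC key per rebuilder stands in for its in-toto signing key (assumption).
REBUILDER_KEYS = {"rebuilder-a": b"key-a", "rebuilder-b": b"key-b", "rebuilder-c": b"key-c"}

def _payload(signed):
    # Canonical encoding so signer and verifier MAC identical bytes.
    return json.dumps(signed, sort_keys=True).encode()

def make_link(rebuilder, artifact_name, artifact_bytes):
    """Constructed stand-in for a rebuilder's in-toto link: it records the
    sha256 of the artifact it produced and signs the record."""
    signed = {"step": "rebuild", "signer": rebuilder,
              "products": {artifact_name: {"sha256": hashlib.sha256(artifact_bytes).hexdigest()}}}
    sig = hmac.new(REBUILDER_KEYS[rebuilder], _payload(signed), "sha256").hexdigest()
    return {"signed": signed, "signature": sig}

def link_is_valid(link):
    """A link counts only if it was signed by a rebuilder in the trust store."""
    key = REBUILDER_KEYS.get(link["signed"].get("signer"))
    if key is None:
        return False
    expected = hmac.new(key, _payload(link["signed"]), "sha256").hexdigest()
    return hmac.compare_digest(expected, link["signature"])

def verify_threshold(artifact_name, artifact_bytes, links, k):
    """Client-side check: the downloaded artifact's hash must be attested by at
    least k distinct, validly signed rebuilders (duplicates count once)."""
    actual = hashlib.sha256(artifact_bytes).hexdigest()
    attesting = set()
    for link in links:
        if not link_is_valid(link):
            continue
        product = link["signed"]["products"].get(artifact_name)
        if product is not None and product["sha256"] == actual:
            attesting.add(link["signed"]["signer"])
    return len(attesting) >= k, sorted(attesting)

if __name__ == "__main__":
    # Constructed scenario: two honest rebuilds plus one from a breached build host.
    genuine, tampered = b"genuine package bytes", b"tampered package bytes"
    links = [make_link("rebuilder-a", "orion.deb", genuine),
             make_link("rebuilder-b", "orion.deb", genuine),
             make_link("rebuilder-c", "orion.deb", tampered)]
    print(verify_threshold("orion.deb", genuine, links, 2))   # (True, ['rebuilder-a', 'rebuilder-b'])
    print(verify_threshold("orion.deb", tampered, links, 2))  # (False, ['rebuilder-c'])
```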