The Evolution of the Software Supply Chain Attack

Join Ilkka as he shares the proprietary research gathered from 36,000 OSS projects and 5,000+ development teams. Ilkka will walk through how hackers are becoming more successful at breaching Software Supply Chains and what you can do about it.

Malicious hackers are becoming increasingly adept at attacking the underbelly of the Software Supply Chain. To cause the most damage while remaining undetected, hackers are rapidly evolving their attack methods. For the past 4 years, the State of the Software Supply Chain Report has documented multiple forms of Open Source Software (OSS) Supply Chain attacks including malicious code injection, stealing project credentials, and typosquatting. However, recent reports (March 9, 2020) have surfaced a new type of Software Supply Chain attack. So far, the Octopus Scanner malware has compromised 26 open source projects hosted on GitHub targeting a well known IDE. Join Ilkka as he shares the proprietary research gathered from 36,000 OSS projects and over 5,000 development teams. Ilkka will walk through how hackers are becoming increasingly successful at breaching Software Supply Chains and what you can do about it.