The 10th instalment in the series designed for military and national security decision makers looks at various ways a supply chain could be compromised as was the case for SolarWinds, the political response to the SolarWinds attack and much more. The new CCDCOE report also highlights the growing interest towards strategic decision-making exercises focusing on threats in the cyber domain.
“The tenth instalment in the series analyses in more depth the various ways attackers can compromise supply chains that also influence the operation of national security and defence organisations. It is impossible to ensure complete trust in any software, but it is possible to develop a defence-in-depth strategy,” explains Jan Wünsche, CCDCOE Strategy Researcher.
The SolarWinds incident has sparked a much needed debate about the vulnerabilities in the supply chain. Since the discovery of the SolarWinds supply chain attack, the US and its NATO Allies have been made noteworthy efforts to identify the extent of the compromise and mitigate its effects. The report provides a comprehensive overview about the various legal and political considerations taken by nations and the Alliance in response to the attacks.
“In addition to that the most recent issue explains how leaked Facebook data may be used for phishing campaigns, the recent cyber events influencing relations of China and India, increased cyber risk due to remote working and more,” adds Wünsche. “On the example of the Locked Shields exercise, which has included a strategic track since 2017, we notice the growing interest of nations to invest into understanding and developing the skills of various experts in providing a coordinated national response to cyber incidents.”
In 2020 the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) launched a series of reports that highlight how threats, vulnerabilities and incidents in cyberspace can affect military organisations and their operations.
The primary audience for this series includes military decision makers at different levels of command. The selection of relevant news articles stems from the significance of the events from the perspective of the military, utilizing the CCDCOE´s multidisciplinary expertise and 360° approach to cyber defence.