Centripetal Comments in Dark Reading Article "ShadowHammer Dangers Include Update Avoidance"

Posted by Centripetal on April 2, 2019

More fallout from the compromise of Asus's automated software update.

Experts Commented below:

Colin Little, Senior Threat Analyst at Centripetal Networks:

The ShadowHammer attackers used a trusted supplier — which itself was using trusted certificates for authentication — to target a relatively small number of end users. But the impact of the attack may be felt far beyond the targeted systems as customers around the world lose confidence in the software, firmware, updates, and patches provided by Asus.

"We plainly see the need for validation of trusted-vendor channels in addition to digital signatures — which, in this case, appears to have further concealed the malicious activity by providing a false sense of integrity — not just for software and platform updates, but any 'trusted' vendor network which has access into our environment," says Colin Little, senior threat analyst at Centripetal Networks.

To read more, please see the article

Tags: DarkReading.com, ASUS, ShadowHammer