Original Post from SC Magazine
Author: Robert Abel
Asus released a patch in the wake of the ShadowHammer malware attack, but despite fix researchers are still left wondering how the attack was carried out in the first place.
The company said its customer service has been reaching out the affected users and providing assistance to ensure that the security risks are being removed, according to a company statement.
Asus Version 3.6.8 introduced multiple security verification mechanisms to prevent malicious manipulation from software updates or other means, implemented an enhanced end-to-end encryption mechanism, and updated and strengthened its server-to-end-user software architecture to prevent similar attacks from happening in the future.
Asus also developed an online security diagnostic tool to check for affected systems.
Despite the updates researchers like Tim Erlin, vice president, product management and strategy at Tripwire, expressed concern relating to users that have already been compromised.
“Affected users need to find out whether the attackers have actually targeted them, and then they need to assess the extent of the compromise,” Erlin said.
“This attack leveraged a very broad platform, the Asus updates, but then strategically targeted a small set of those initially compromised for further attack,” he said. “The fix from Asus doesn’t help us understand who was targeted and why.”
Erlin also pointed out that we still have little information about how exactly Asus was compromised and that sharing this information would be good for the industry as a whole.
Organizations can efficiently and effectively manage these multi-faceted risks by working together on a common language and expected practices, said
Mike Jordan, senior director of The Shared Assessments Program.
“Our members are discussing how to best address these threats in our working groups, especially as they pertain to Operational Technology (OT) risks to the plant floors of manufacturing, utility, and energy companies,” Jordan said. “We’ve found that the best way to address these kinds of third party risks is by working together with all parties, including the purchasers, the vendors, and the service providers that service and secure them.”
The post Asus issues patch, but questions still remain about ShadowHammer appeared first on SC Media.
Go to Source
Author: Robert Abel