In this video, Patrick Orzikowski, the VP of Threat and Intel at Total, discusses the recent 3CX supply chain attack attributed to the Lazarus Group from North Korea. The conversation dives deep into the sophisticated methods used by the attackers, the collaboration between security vendors like CrowdStrike and SentinelOne, and the urgency for businesses to adopt advanced security measures. The panel also explores the critical role of MSPs in understanding their clients’ risk profiles and the importance of proactive communication and threat modeling to mitigate such complex threats.
The 3CX compromise is considered the first major supply chain attack of 2023, highlighting the ongoing risk to supply chains.
The attack involved a sophisticated nation-state actor, the Lazarus Group from North Korea, which used advanced techniques such as C2 infrastructure setup and RC4-encrypted messages appended to icon files on GitHub.
The incident underscores the importance of collaboration among security vendors, as evidenced by the swift response from companies like CrowdStrike, SentinelOne, and Total, which helped mitigate the potential damage.
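For defenders, the icon files with appended data mentioned above suggest a simple structural check: an ICO file's directory declares where every image starts and ends, so any bytes after the last declared image are an overlay worth reviewing. The following is an added example, not code from the video or from any vendor; the function names are hypothetical and the sample files are constructed in the code.

```python
import struct

ICONDIR = "<HHH"              # reserved (0), type (1 = icon), image count
ICONDIRENTRY = "<BBBBHHII"    # w, h, colours, reserved, planes, bpp, size, offset


def ico_trailing_bytes(data: bytes) -> int:
    """Return how many bytes follow the last image declared in the ICO
    directory. Raises ValueError if the data is not a well-formed ICO."""
    if len(data) < 6:
        raise ValueError("too short for an ICONDIR header")
    reserved, img_type, count = struct.unpack_from(ICONDIR, data, 0)
    if reserved != 0 or img_type != 1 or count == 0:
        raise ValueError("not an ICO file")
    end = 6 + 16 * count                      # end of the directory table
    if len(data) < end:
        raise ValueError("truncated ICONDIRENTRY table")
    for i in range(count):
        *_, size, offset = struct.unpack_from(ICONDIRENTRY, data, 6 + 16 * i)
        if offset + size > len(data):
            raise ValueError(f"image {i} extends past end of file")
        end = max(end, offset + size)         # furthest byte any image uses
    return len(data) - end


def scan(files: dict[str, bytes]) -> dict[str, int]:
    """Map file name -> overlay size for every valid ICO with trailing data.
    Files that fail to parse are skipped here; triage them separately."""
    findings = {}
    for name, blob in files.items():
        try:
            extra = ico_trailing_bytes(blob)
        except ValueError:
            continue
        if extra:
            findings[name] = extra
    return findings


def build_sample_ico(overlay: bytes = b"") -> bytes:
    """Constructed single-image ICO with a placeholder image body."""
    image = b"\x00" * 40
    header = struct.pack(ICONDIR, 0, 1, 1)
    entry = struct.pack(ICONDIRENTRY, 16, 16, 0, 0, 1, 32, len(image), 22)
    return header + entry + image + overlay


if __name__ == "__main__":
    samples = {"clean.ico": build_sample_ico(),
               "padded.ico": build_sample_ico(b"A" * 24)}   # constructed overlay
    print(scan(samples))
```

The check only reports that an overlay exists and how large it is; it does not interpret the appended bytes.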