Trend Micro has identified a Chinese-linked threat actor, Earth Ammit, responsible for multi-wave supply chain attacks on organizations across Taiwan and South Korea between 2023 and 2024. The group executed two major campaigns—Venom and Tidrone—targeting military, industrial, technology, satellite, media, and healthcare sectors.
Andrew Obadiaru, CISO, Cobalt had this to say:
“Long-term supply chain intrusions like this are exactly why security validation needs to extend beyond your own environment. You’re only as secure as the least-tested component in your ecosystem—and in aerospace and defense, that often means legacy systems and smaller vendors without rigorous security programs. Offensive security helps close this gap by identifying the weak links attackers look for first. Whether it’s certificate abuse or persistence techniques buried deep in outdated firmware, you can’t defend what you don’t test. There must be a comprehensive VMP process as a key component in mitigating this risk as well as a recognition that an attack of this nature demonstrates that cybersecurity threats are no longer limited to digital boundaries; they’re embedded in the physical products and systems we rely on. A secure defense infrastructure requires regular pentesting, continuous visibility and proactive threat modeling.”
Supply chain attacks are becoming increasingly pervasive. Just look at this high profile example from earlier this week. Thus organization’s defence strategy has to be based around this new reality.
Like this:
Like Loading...
Related
This entry was posted on May 15, 2025 at 1:19 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Earth Ammit Targets Drone Supply Chain Says Trend Micro
Trend Micro has identified a Chinese-linked threat actor, Earth Ammit, responsible for multi-wave supply chain attacks on organizations across Taiwan and South Korea between 2023 and 2024. The group executed two major campaigns—Venom and Tidrone—targeting military, industrial, technology, satellite, media, and healthcare sectors.
Andrew Obadiaru, CISO, Cobalt had this to say:
“Long-term supply chain intrusions like this are exactly why security validation needs to extend beyond your own environment. You’re only as secure as the least-tested component in your ecosystem—and in aerospace and defense, that often means legacy systems and smaller vendors without rigorous security programs. Offensive security helps close this gap by identifying the weak links attackers look for first. Whether it’s certificate abuse or persistence techniques buried deep in outdated firmware, you can’t defend what you don’t test. There must be a comprehensive VMP process as a key component in mitigating this risk as well as a recognition that an attack of this nature demonstrates that cybersecurity threats are no longer limited to digital boundaries; they’re embedded in the physical products and systems we rely on. A secure defense infrastructure requires regular pentesting, continuous visibility and proactive threat modeling.”
Supply chain attacks are becoming increasingly pervasive. Just look at this high profile example from earlier this week. Thus organization’s defence strategy has to be based around this new reality.
Share this:
Like this:
Related
This entry was posted on May 15, 2025 at 1:19 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.