Last week, Motherboard revealed that hackers had broken into the servers that belong to ASUS, the Taiwanese computer giant.
Once inside, the hackers pushed out a malicious update signed with a legitimate digital certificate to thousands of ASUS customers. Kaspersky Lab, which discovered the attack, estimates that around 500,000 people received this update. The hackers, however, were only targeting 600 of them.
Subscribe to CYBER on Apple Podcasts or wherever you listen to your podcasts.
This was an incredibly well planned and well executed attack that relied on compromising a trusted channel: ASUS’s update system.
On this week’s episode of CYBER, we sat down with Kim Zetter, the legendary cybersecurity reporter and the author of the original news story on the ASUS hack. Zetter walked us through this specific hack, and also told us about previous supply chain attacks, and why they’re so scary.