Hot Topics from Black Hat 2024

August 22nd, 2024 | By Jscrambler | 4 min read

Black Hat 2024, held on August 7 - 8 at Mandalay Bay in Las Vegas, maintained its status as a pivotal event in cybersecurity.

The conference emphasized critical issues like AI in cyber defense, cloud vulnerabilities, and the persistence of ransomware. One of the most urgent topics, however, was supply chain attacks, a threat vector that continues to challenge organizations globally, together with the reflections that followed the CrowdStrike incident.


Supply Chain Attacks and other Black Hat 2024 hot topics


Several panels focused on specific aspects of cybersecurity, with supply chain attacks being a recurrent theme. Emphasis on securing the software supply chain underscored the necessity of vigilance at every stage of software development and deployment, mirroring the industry’s response to high-profile supply chain attacks.


Research released by SecurityScorecard and The Cyentia Institute at the start of the Black Hat conference revealed that 99% of the organizations on Forbes’ Global 2000 list, including multinationals like AstraZeneca and HSBC, are vulnerable to supply chain attacks. Breaches among these companies have resulted in losses potentially reaching $80 billion in just 15 months. Additionally, 20% of these organizations rely on thousands of IT products with different purposes, each representing a potential attack vector.

On the main stage, “Understanding and Reducing Supply Chain and Software Vulnerability Risks” was a particularly interesting keynote. Danny Jenkins, CEO & Co-Founder of ThreatLocker, explored how identifying backdoors or unintended vulnerabilities that can be exploited in an environment is just as critical as staying current with the latest and most sophisticated hacking intel.


The same vigilance applies in the browser. The average website has more than 35 third-party scripts from different vendors, and most companies have no visibility into what these scripts are doing, creating a security blind spot.


Jscrambler's Webpage Integrity solution provides easy and immediate visualization of all scripts running on a webpage or application. It assigns each script a risk level and immediately flags all suspicious behaviors.


This topic can also lead us to the elephant in the room: CrowdStrike. Last July, a coding error in an update to CrowdStrike's Falcon sensor sent millions of Windows computers worldwide to a "Blue Screen of Death". The topic was the center of many conversations throughout Black Hat. Jscrambler’s co-founder and CTO, Pedro Fortuna, recently explored the incident from the angle of the affected businesses and how they can better prepare to prevent these third-party software risks.


For another example: back in June, over one hundred thousand websites using Polyfill[.]io, a popular JavaScript CDN service, were compromised. In this major third-party incident, users of websites that loaded Polyfill were redirected to a sports-betting site, and the attacker's code ran in those pages without restriction, collecting a massive amount of sensitive data.

Conclusion


Black Hat 2024 highlighted the growing importance of securing supply chains in the face of evolving threats. With supply chain attacks becoming more sophisticated and widespread, the discussions underscored the need for a multi-layered defense strategy encompassing technology, processes, and people. Securing the software supply chain must cover not only the software that companies build, but also the third-party software they use.

However, the supply chain-focused sessions at Black Hat are mostly about software development vulnerabilities. As the cybersecurity landscape evolves, events like Black Hat are critical platforms for sharing knowledge and developing the strategies necessary to protect against these major threats. The event could and should expand its supply chain keynote sessions to third-party and client-side use cases like the ones above.


Jscrambler

The leader in client-side Web security. With Jscrambler, JavaScript applications become self-defensive and capable of detecting and blocking client-side attacks like Magecart.
