Comment: WithSecure - Microsoft suspended several accounts on its hardware developer program that signed malicious drivers used by a ransomware group called Cuba to disable endpoint security tools
December 2022 by Paul Brucciani, Cyber Security Advisor at WithSecure
Following the news that Microsoft suspended several accounts on its hardware developer program that signed malicious drivers used by a ransomware group called Cuba to disable endpoint security tools. Paul Brucciani a Cyber Security Advisor at WithSecure Solutions discusses the importance of placing trust in developers.
“Code signing confirms the software developer’s identity, the name of the organization, the physical address, and the phone number. It also ensures the integrity of the code, but it does not verify that the code does what it purports. Ultimately, security comes down to the level of trust you have in the people that develop your software; it’s not possible to develop software without placing some level of trust in your developers.
To eliminate this particular security risk to your organisation, contact your software vendor to determine whether the software version you are operating has been compromised and ensure that you regularly patch software that is critical to your business.”