Skip to main content

Dependency Confusion Substitution Attack Technique

A security researcher has published details of a supply chain attack technique that allows unauthenticated remote attackers to infiltrate corporate networks via software development workstations.

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

A security researcher has published details of a supply chain attack technique that allows unauthenticated remote attackers to infiltrate corporate networks via software development workstations.


Affected platforms

The following platforms are known to be affected:

Various package managers including Maven Central, npm, NuGet Gallery, and Python Package Index Versions: all supported


Threat details

Introduction

Dependency confusion is a newly-discovered supply chain attack technique that allows unauthenticated remote attackers to execute malicious code on workstations used for software development, under certain conditions.

The technique was devised and validated by a security researcher, who was able to successfully infiltrate the corporate networks of several major technology companies.


Conditions

Software developers and enthusiasts commonly use a combination of public and private feeds. This enables the use of internal packages while also allowing the latest releases of open source software dependencies to be adopted automatically. However it has been found that such a hybrid configuration opens the risk of substitution attacks in several package managers including Maven Central, npm, NuGet Gallery, and Python Package Index.


Delivery

A remote attacker may create a new package in a public package index that has the same file name as a private package in use but with a higher version number.  Most package managers will then automatically download and install the malicious package from the public feed, achieving remote code execution as a result. This poses an even greater risk with automated build processes, where successful installation messages are often not reviewed and an attack is less likely to be detected.


Remediation advice

To prevent this type of attack, NHS Digital advises that:

  • Package managers that do not prioritise feeds are configured to reference a single private feed only
  • Private feeds are configured to disallow override by public packages
  • Package managers that support controlled scopes, namespaces or prefixes are configured to specify the correct source for each package
  • Client-side verification features such as version pinning and integrity verification are configured to detect unexpected changes

Organisations are advised to notify any supplier that develops software on their behalf about this attack technique.

Last edited: 12 February 2021 10:21 am