The Drone Supply Chain's Grand Siege: From Initial Breaches to Long-Term Espionage
Black Hat Asia 2025 · Day 1 · Briefings
This talk, "The Drone Supply Chain's Grand Siege: From Initial Breaches to Long-Term Espionage on High Value Targets," delivered by Trend Micro's Vicki Sue and Philip Chen, uncovers a sophisticated and multi-stage **supply chain attack** orchestrated by the advanced persistent threat (APT) group dubbed **Earth Hammet**. The research details two interconnected campaigns, **Campaign Venom** and **Campaign Ty-Drone**, which systematically targeted the drone industry and its related upstream service providers, primarily in Taiwan and South Korea. The speakers reveal how initial breaches into less secure upstream vendors were leveraged to gain access to high-value downstream targets, including military, satellite, and payment services.
AI review
This is a critical piece of threat intelligence, exposing a highly sophisticated, two-tiered supply chain attack by Earth Hammet against the strategically vital drone industry. The research meticulously details how a nation-state actor leveraged upstream breaches to pivot to high-value military, satellite, and payment targets, demonstrating a calculated operational strategy. The most significant takeaway is Earth Hammet's rapid integration of cutting-edge evasion techniques, directly adapting novel fiber-based and exception handling methods presented at recent Black Hat conferences, proving…