Incident: Supply Chain Attack on Videogame Developers via Compromised Microsoft Visual Studio

Published Date: 2019-04-23

Postmortem Analysis
Timeline
1. The software failure incident targeting videogame developers, including Electronics Extreme and Zepetto, happened in January [83471].

System
1. Microsoft Visual Studio development tool
2. ASUS software update process
3. Utility software CCleaner
4. Server management software Netsarang
5. Compromised versions of games developed by Electronics Extreme and Zepetto
6. Compromised linker in the Microsoft Visual Studio tool
7. Compromised servers at the Korean Konkuk University used as command and control servers
8. Malware-infected games such as Infestation and PointBlank [83471]

Responsible Organization
1. The hackers responsible for the software supply chain attacks targeting Asus, videogame developers, and other software companies [83471].

Impacted Organization
1. Three different videogame developers were impacted by the software failure incident [83471].

Software Causes
1. The software causes of the failure incident were supply chain attacks targeting software developers and their tools, specifically the corruption of the Microsoft Visual Studio development tool used by three different videogame developers [83471].

Non-software Causes
unknown

Impacts
1. The software failure incident resulted in the compromise of the programming tools used by three different videogame developers, leading to the planting of malware in certain games and infecting potentially hundreds of thousands of victims [83471].
2. The compromised games were digitally signed by the compromised gaming firms, making them appear legitimate to users, security software, and others, thus increasing the reach of the malware [83471].
3. Kaspersky antivirus detected 92,000 computers running the malicious versions of the games, with ESET estimating the number of infected machines to be in the "hundreds of thousands," primarily in Asia [83471].
4. The malware was designed to avoid executing on machines configured to use Russian or Simplified Chinese, potentially indicating the origin of the attackers [83471].
5. The software failure incident was part of a broader web of interlinked supply chain hacks, including previous attacks on utility software CCleaner and server management software Netsarang [83471].

Preventions
1. Implementing strict software development practices and security measures to verify the integrity of development tools and compilers used by software developers [83471].
2. Regularly checking the source and authenticity of software development tools to ensure they are from trusted and official sources [83471].
3. Conducting thorough security assessments and audits of the software supply chain to detect and prevent any potential vulnerabilities or compromises [83471].

Fixes
1. Enhancing supply chain security measures to prevent hackers from infiltrating trusted software development tools [83471].
2. Implementing stricter verification processes for software updates and releases to detect any malicious alterations [83471].
3. Conducting regular integrity checks on compilers and development tools to ensure they have not been tampered with [83471].

References
1. Kaspersky (security firm) [Article 83471]
2. ESET (security firm) [Article 83471]
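The integrity checks named under Preventions and Fixes (verifying that a compiler, linker or other toolchain binary has not been altered since it was installed from a trusted source) can be implemented as a pinned hash manifest: hash every file in the toolchain directory once, store the manifest outside that directory, and compare against it before each build. The script below is an added example for this page, not code from the article or from any of the vendors or researchers it names; the toolchain directory, the manifest location and the file names are constructed for the demonstration, and a real deployment would point `build_manifest` and `verify_manifest` at the actual toolchain install path and keep the manifest on a separate, write-protected host.

```python
import hashlib
import hmac
import json
import os
import tempfile
from dataclasses import dataclass, field

CHUNK = 1 << 20  # read files in 1 MiB chunks so large binaries do not load fully into memory


def sha256_file(path):
    """Return the hex SHA-256 digest of one file."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root):
    """Hash every regular file below root; keys are root-relative POSIX paths."""
    manifest = {}
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = sha256_file(full)
    return manifest


@dataclass
class Report:
    modified: list = field(default_factory=list)    # hash differs from the pinned value
    missing: list = field(default_factory=list)     # pinned file no longer present
    unexpected: list = field(default_factory=list)  # file present but never pinned

    def clean(self):
        return not (self.modified or self.missing or self.unexpected)


def verify_manifest(root, manifest):
    """Compare the current toolchain directory with a pinned manifest."""
    current = build_manifest(root)
    report = Report()
    for rel, expected in manifest.items():
        actual = current.get(rel)
        if actual is None:
            report.missing.append(rel)
        elif not hmac.compare_digest(actual, expected):
            report.modified.append(rel)
    for rel in current:
        if rel not in manifest:
            report.unexpected.append(rel)
    for lst in (report.modified, report.missing, report.unexpected):
        lst.sort()
    return report


def demo():
    """Constructed scenario: pin a fake toolchain, then alter it and re-verify.

    Returns (report_before_tampering, report_after_tampering).
    """
    with tempfile.TemporaryDirectory() as ws:
        toolchain = os.path.join(ws, "toolchain")       # hypothetical install path
        manifest_path = os.path.join(ws, "manifest.json")  # kept outside the toolchain tree
        # Constructed placeholder files standing in for compiler, linker and runtime library.
        for rel, data in {"bin/cl.exe": b"compiler v1",
                          "bin/link.exe": b"linker v1",
                          "lib/msvcrt.lib": b"runtime"}.items():
            full = os.path.join(toolchain, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as f:
                f.write(data)

        # Pin the known-good state at install time.
        with open(manifest_path, "w") as f:
            json.dump(build_manifest(toolchain), f, indent=2, sort_keys=True)
        with open(manifest_path) as f:
            pinned = json.load(f)
        before = verify_manifest(toolchain, pinned)

        # Simulate tampering: linker replaced, a library removed, an extra DLL dropped in.
        with open(os.path.join(toolchain, "bin", "link.exe"), "wb") as f:
            f.write(b"linker v1 with unwanted changes")
        os.remove(os.path.join(toolchain, "lib", "msvcrt.lib"))
        with open(os.path.join(toolchain, "bin", "extra.dll"), "wb") as f:
            f.write(b"not in manifest")
        after = verify_manifest(toolchain, pinned)
    return before, after


if __name__ == "__main__":
    clean, tampered = demo()
    print("before:", "clean" if clean.clean() else "DIRTY")
    print("after:", tampered)
```

The manifest has to be produced from an installation whose provenance is already established (vendor media or a signed installer, not a copy of unknown origin), since hashing a toolchain that is already compromised only pins the compromise. Running the verifier as a pre-build step and failing the build on any non-clean report turns a silent linker substitution into a visible, blocking event.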

Software Taxonomy of Faults

Category Option Rationale
Recurring one_organization, multiple_organization (a) The software failure incident having happened again at one_organization: The incident involving software supply chain attacks targeting videogame developers is similar to the previous incident that targeted Asus with a supply chain hack. In both cases, hackers corrupted the programming tools used by the targeted organizations to plant malware in their products [83471]. (b) The software failure incident having happened again at multiple_organization: The software supply chain attacks targeting videogame developers are part of a broader web of interlinked supply chain hacks that also included the hijacking of utility software CCleaner and the server management software Netsarang in 2017. This indicates that the same group of hackers has targeted multiple organizations in different sectors using similar tactics [83471].
Phase (Design/Operation) design, operation (a) The software failure incident related to the design phase can be seen in the case where hackers corrupted versions of the Microsoft Visual Studio development tool, which three different videogame companies then used in their own development. This led to the planting of malware in certain games, infecting hundreds of thousands of victims with a backdoored version of the programs [83471]. (b) The software failure incident related to the operation phase is evident in the fact that after using the malicious Microsoft development tools, each of the compromised gaming firms digitally signed their games before distributing them, marking them as legitimate even though they contained malware. This highlights a failure in the operation phase where compromised executables were trusted by users, security software, and others due to the digital signatures [83471].
Boundary (Internal/External) within_system, outside_system (a) within_system: The software failure incident described in the articles is primarily within the system. The failure was caused by hackers corrupting versions of the Microsoft Visual Studio development tool, which were then used by three different videogame developers in their own development process [83471]. This internal corruption of the development tool led to the insertion of malware into certain games, affecting potentially hundreds of thousands of victims. The compromised software tools were used internally by the game developers, leading to the distribution of infected games to unsuspecting users. (b) outside_system: The software supply chain attacks, including the targeting of the videogame developers, originated from outside the system. Hackers targeted the companies that distribute the code used by their intended victims, in this case, the videogame developers who relied on the corrupted versions of the Microsoft Visual Studio tool [83471]. The attackers exploited vulnerabilities in the supply chain to inject malware into the software development process, ultimately impacting the end-users who downloaded and played the infected games.
Nature (Human/Non-human) non-human_actions, human_actions (a) The software failure incident occurring due to non-human actions: The software failure incident described in the articles is related to a supply chain attack where hackers targeted software development tools used by videogame developers. The hackers corrupted versions of the Microsoft Visual Studio development tool, which were then used by three different videogame companies in their development process. This led to the planting of malware in certain games, infecting potentially hundreds of thousands of victims with backdoored versions of the programs. The malware was carefully designed to stop executing on machines configured to use Russian or Simplified Chinese, indicating a deliberate targeting strategy [83471]. (b) The software failure incident occurring due to human actions: The software failure incident involving the supply chain attack on videogame developers was likely facilitated by human actions. It is suspected that the hackers may have breached the targeted companies first and then planted their malicious version of Visual Studio on specific developer machines. This suggests a level of human involvement in gaining access to the companies' networks and deploying the corrupted software tools. Additionally, there is a mention of the possibility that developers may have downloaded pirated versions of Visual Studio, which could have contributed to the introduction of the malicious software [83471].
Dimension (Hardware/Software) software (a) The software failure incident related to hardware: - The incident mentioned in the article is not directly attributed to a hardware failure. Instead, it focuses on software supply chain attacks where hackers target companies distributing code used by their targets [83471]. (b) The software failure incident related to software: - The software failure incident discussed in the article is primarily due to contributing factors originating in software. It involves hackers corrupting versions of the Microsoft Visual Studio development tool, which were then used by videogame developers to create games containing malware [83471].
Objective (Malicious/Non-malicious) malicious (a) The software failure incident described in the articles is malicious in nature. The incident involved hackers targeting videogame developers by corrupting the Microsoft Visual Studio development tool, which was then used by the developers to create games containing malware. The hackers planted backdoored versions of the programs, infecting hundreds of thousands of victims with malicious code [83471]. The attackers also digitally signed the compromised games, making them appear legitimate to users and security software, thus demonstrating a deliberate intent to deceive and harm the system.
Intent (Poor/Accidental Decisions) unknown (a) The intent of the software failure incident: The software failure incident described in the articles was not due to poor decisions but rather a sophisticated supply chain attack orchestrated by hackers targeting software developers and their tools. The hackers corrupted versions of the Microsoft Visual Studio development tool used by three different videogame developers, allowing them to plant malware in certain games and infecting hundreds of thousands of victims with backdoored versions of the programs [83471]. This incident was a deliberate and malicious act rather than a result of poor decisions made by the software developers.
Capability (Incompetence/Accidental) development_incompetence, unknown (a) The software failure incident related to development incompetence is evident in the article where hackers targeted three different videogame developers by corrupting the programming tools they relied on, specifically the Microsoft Visual Studio development tool. The compromised versions of the development tool were then used by the game developers to create their games, resulting in malware being planted in certain games and infecting hundreds of thousands of victims [83471]. (b) The software failure incident related to accidental factors is not explicitly mentioned in the provided article.
Duration temporary The software failure incident described in the articles can be categorized as a temporary failure. The incident involved hackers targeting videogame developers by corrupting the programming tools they relied on, such as the Microsoft Visual Studio development tool. This led to the planting of malware in certain games, infecting hundreds of thousands of victims with backdoored versions of the programs [83471]. The compromised games were distributed with digital signatures, making them appear legitimate even though they contained malware. This temporary failure was a result of specific circumstances introduced by the hackers targeting the software supply chain of the videogame developers.
Behaviour value, other (a) crash: The software failure incident described in the articles does not involve a crash where the system loses state and does not perform any of its intended functions. Instead, the incident involves the deliberate corruption of software tools used by game developers, leading to the distribution of malware-infected games [83471]. (b) omission: The incident does not involve the omission of performing intended functions by the system at an instance(s). Rather, the compromised software tools were used by game developers to create and distribute games that contained malware, indicating a deliberate act rather than an omission [83471]. (c) timing: The timing of the software failure incident is not related to the system performing its intended functions too late or too early. The incident revolves around the corruption of software development tools and the subsequent distribution of malware-infected games by the affected game developers [83471]. (d) value: The software failure incident does involve the system performing its intended functions incorrectly. In this case, the compromised software tools were used to create games that were digitally signed as legitimate but contained malware, leading to the infection of potentially hundreds of thousands of users [83471]. (e) byzantine: The software failure incident does not exhibit the characteristics of a byzantine failure, where the system behaves erroneously with inconsistent responses and interactions. Instead, the incident involves a targeted and coordinated effort to corrupt software tools and distribute malware through legitimate channels [83471]. (f) other: The behavior of the software failure incident can be described as a supply chain attack, where hackers target the companies that distribute software used by their intended victims. This type of attack involves compromising the source of software rather than directly attacking individual devices or networks, highlighting a sophisticated and strategic approach to spreading malware [83471].

IoT System Layer

Layer Option Rationale
Perception None None
Communication None None
Application None None

Other Details

Category Option Rationale
Consequence harm, property (b) harm: People were physically harmed due to the software failure. The software failure incident described in the article led to physical harm as people were infected with malware through compromised versions of videogames. Kaspersky researchers detected that 92,000 computers were running the malicious versions of the games, with potentially hundreds of thousands more victims. The malware infected machines in Asia, with a significant number in Thailand, the Philippines, Taiwan, Hong Kong, Indonesia, and Vietnam. The malware was designed to stop executing on machines configured to use Russian or Simplified Chinese, hinting at the attackers' potential location. The compromised games, such as Electronics Extreme's "Infestation" and Zepetto's "PointBlank," were distributed with malware, leading to physical harm to the users of these games [83471].
Domain entertainment (a) The failed system was related to the entertainment industry, specifically targeting videogame developers and their programming tools [83471].
