TECHNIQUES
- Home
- Techniques
- PRE-ATT&CK
- Hardware or software supply chain implant
Hardware or software supply chain implant
During production and distribution, the placement of software, firmware, or a CPU chip in a computer, handheld, or other electronic device that enables an adversary to gain illegal entrance. [1] [2]
ID: T1365
Sub-techniques:
No sub-techniques
Tactic:
Stage Capabilities
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: The number of elements and components in a supply chain of HW or SW is vast and detecting an implant is complex for SW, but more complex for HW.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): No
Explanation: Access to the supply chain by an adversary can be a challenging endeavor, depending on what element is attempting to be subverted.
References
- Tash Shifrin. (2006, October 16). Malware forces McDonald’s recall of giveaway MP3s. Retrieved March 9, 2017.
- Brandon Hill. (2007, November 14). Seagate Serves External HDDs with a Side of Virus. Retrieved March 9, 2017.
×