Dark Mode

Settings

Capec-522 Detail

Malicious Hardware Component Replacement

Standard Supply Chain Hardware Likelihood: Low Typical Severity: High

Parents: 439

Threats: T62

Description

An adversary replaces legitimate hardware in the system with faulty counterfeit or tampered hardware in the supply chain distribution channel, with purpose of causing malicious disruption or allowing for additional compromise when the system is deployed.

Not present

External ID Source Link Description
CAPEC-522 capec https://capec.mitre.org/data/definitions/522.html
T1195.003 ATTACK https://attack.mitre.org/wiki/Technique/T1195/003 Supply Chain Compromise: Compromise Hardware Supply Chain
REF-439 reference_from_CAPEC http://www.mitre.org/sites/default/files/publications/supply-chain-attack-framework-14-0228.pdf John F. Miller, Supply Chain Attack Framework and Attack Patterns, 2013, The MITRE Corporation
REF-712 reference_from_CAPEC https://www.microsoft.com/security/blog/2020/02/03/guarding-against-supply-chain-attacks-part-2-hardware-risks/ Cristin Goodwin, Joram Borenstein, Guarding against supply chain attacks—Part 2: Hardware risks, 2020--02---03, Microsoft
Explore

  1. Determine Target Hardware: The adversary must first identify a system that they wish to target, and a specific hardware component that they can swap out with a malicious replacement.

    2. Techniques
    Look for datasheets containing the system schematics that can help identify possible target hardware.
    Procure a system and inspect it manually, looking for possible hardware component targets. Search for manufacturer IDs on hardware chips or FCC IDs on wireless chips to determine their functionality.

  2. Discover Vulnerability in Supply Chain: The adversary maps out the supply chain for the targeted system. They look for ooportunities to gain physical access to the system after it has left the manufacturer, but before it is deployed to the victim.

    3. Techniques
    Procure a system and observe the steps it takes in the shipment process.
    Identify possible warehouses that systems are stored after manufacturing.
Experiment

  1. Test a Malicious Component Replacement: Before performing the attack in the wild, an adversary will test the attack on a system they have procured to ensure that the desired outcome will be achieved.

    2. Techniques
    Design a malicious hardware component that will perform the same functionality as the target component, but also contains additional functionality.
    Obtain already designed malicious components that just need to be placed into the system.
Exploit

  1. Substitute Components in the Supply Chain: Using the vulnerability in the supply chain of the system discovered in the explore phase, the adversary substitutes the malicious component for the targeted component. This results in the adversary gaining unintended access to systems once they reach the victim and can lead to a variety of follow up attacks.

  1. Physical access to the system after it has left the manufacturer but before it is deployed at the victim location.

Not present

High
Hardware creation and manufacture of replacement components.

Not present

  1. During shipment the adversary is able to intercept a system that has been purchased by the victim, and replaces a math processor card that functions just like the original, but contains advanced malicious capability. Once deployed, the system functions as normal, but allows for the adversary to remotely communicate with the system and use it as a conduit for additional compromise within the victim's environment.

We use cookies to ensure you get the best experience on our website.