Dark Mode
Capec-530 Detail
Provide Counterfeit Component
Detailed Supply Chain Physical Security Hardware Likelihood: Low Typical Severity: High
Parents: 531
Threats: T78
An attacker provides a counterfeit component during the procurement process of a lower-tier component supplier to a sub-system developer or integrator, which is then built into the system being upgraded or repaired by the victim, allowing the attacker to cause disruption or additional compromise.
Not present
| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-530 | capec | https://capec.mitre.org/data/definitions/530.html | |
| REF-439 | reference_from_CAPEC | http://www.mitre.org/sites/default/files/publications/supply-chain-attack-framework-14-0228.pdf | John F. Miller, Supply Chain Attack Framework and Attack Patterns, 2013, The MITRE Corporation |
| REF-698 | reference_from_CAPEC | https://dsiac.org/articles/combating-counterfeit-components-in-the-dod-supply-chain/ | Paul Wagner, Combating Counterfeit Components in the DoD Supply Chain, 2015, Defence Systems Information Analysis Center |
| REF-703 | reference_from_CAPEC | https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6856206 | Ujjwal Guin, Ke Huang, Daniel DiMase, John M. Carulli, Jr., Mohammad Tehranipoor, Yiorgos Makris, Counterfeit Integrated Circuits: A Rising Threat in the Global Semiconductor Supply Chain, Proceedings of the IEEE, 2014, IEEE |
Not present
- Advanced knowledge about the target system and sub-components.
Not present
| High |
|---|
| Able to develop and manufacture malicious system components that resemble legitimate name-brand components. |
Not present
- The attacker, aware that the victim has contracted with an integrator for system maintenance and that the integrator uses commercial-off-the-shelf network hubs, develops their own network hubs with a built-in malicious capability for remote access, the malicious network hubs appear to be a well- known brand of network hub but are not. The attacker then advertises to the sub-system integrator that they are a legit supplier of network hubs, and offers them at a reduced price to entice the integrator to purchase these network hubs. The integrator then installs the attacker's hubs at the victim's location, allowing the attacker to remotely compromise the victim's network.