{"id":90528,"date":"2020-02-03T09:00:30","date_gmt":"2020-02-03T17:00:30","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/?p=90528"},"modified":"2023-05-15T23:02:41","modified_gmt":"2023-05-16T06:02:41","slug":"guarding-against-supply-chain-attacks-part-2-hardware-risks","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2020\/02\/03\/guarding-against-supply-chain-attacks-part-2-hardware-risks\/","title":{"rendered":"Guarding against supply chain attacks\u2014Part 2: Hardware risks"},"content":{"rendered":"

The challenge and benefit of technology today is that it\u2019s entirely global in nature. This reality is brought into focus when companies assess their supply chains, and look for ways to identify, assess, and manage risks across the supply chain of an enterprise. Part 2 of the \u201cGuarding against supply chain attacks\u201d blog series examines the hardware supply chain, its vulnerabilities, how you can protect yourself, and Microsoft\u2019s role in reducing hardware-based attacks.<\/p>\n

Unpacking the hardware supply chain<\/h3>\n

A labyrinth of companies produces mobile phones, Internet of Things (IoT) devices, servers, and other technology products that improve our lives. Product designers outsource manufacturing to one or more vendors. The manufacturer buys components from known suppliers. Each supplier buys parts from its preferred vendors. Other organizations integrate firmware. During peak production cycles, a vendor may subcontract to another company or substitute its known parts supplier with a less familiar one. This results in a complex web of interdependent companies that aren\u2019t always aware that they are connected.<\/p>\n

Tampering with hardware using interdiction and seeding<\/h3>\n

Tampering with hardware is not an easy path for attackers, but because of the significant risks that arise out of a successful compromise, it\u2019s an important risk to track. Bad actors compromise hardware by inserting physical implants into a product component or by modifying firmware. Often these manipulations create a \u201cback door\u201d connection between the device and external computers that the attacker controls. Once the device reaches its final destination, adversaries use the back door to gain further access or exfiltrate data.<\/p>\n

But first they must get their hands on the hardware. Unlike software attacks, tampering with hardware requires physical contact with the component or device.<\/p>\n

\"\"<\/a><\/p>\n

So how do they do it? There are two known methods: interdiction and seeding. In interdiction, saboteurs intercept the hardware while it\u2019s en route to the next factory in the production line. They unpackage and modify the hardware in a secure location. Then they repackage it and get it back in transit to the final location. They need to move quickly, as delays in shipping may trigger red flags.<\/p>\n

As hard as interdiction is, it\u2019s not nearly as challenging as seeding. Seeding attacks involve the manipulation of the hardware on the factory floor. To infiltrate a target factory, attackers may pose as government officials or resort to old-fashioned bribery or threats to convince an insider to act, or to allow the attacker direct access to the hardware.<\/p>\n

Why attack hardware?<\/h3>\n

Given how difficult hardware manipulation is, you may wonder why an attacker would take this approach. The short answer is that the payoff is huge. Once the hardware is successfully modified, it is extremely difficult to detect and fix, giving the perpetrator long-term access.<\/p>\n