Skip to content

T1195.003 Compromise Hardware Supply Chain

Adversaries may manipulate hardware components in products prior to receipt by a final consumer for the purpose of data or system compromise. By modifying hardware or firmware in the supply chain, adversaries can insert a backdoor into consumer networks that may be difficult to detect and give the adversary a high degree of control over the system. Hardware backdoors may be inserted into various devices, such as servers, workstations, network infrastructure, or peripherals.

Item Value
ID T1195.003
Sub-techniques T1195.001, T1195.002, T1195.003
Tactics TA0001
Platforms Linux, Windows, macOS
Version 1.1
Created 11 March 2020
Last Modified 28 April 2022

Mitigations

ID Mitigation Description
M1046 Boot Integrity Use Trusted Platform Module technology and a secure or trusted boot process to prevent system integrity from being compromised. Check the integrity of the existing BIOS or EFI to determine if it is vulnerable to modification. 1 2

Detection

ID Data Source Data Component
DS0013 Sensor Health Host Status

References

  1. Trusted Computing Group. (2008, April 29). Trusted Platform Module (TPM) Summary. Retrieved June 8, 2016. 

  2. Microsoft. (n.d.). Secure the Windows 10 boot process. Retrieved April 23, 2020.