by lupire
2751 days ago
Hardware hacks are easy for anyone who works in that industry. What's hard is making software that runs on that hardware do anything useful -- it would need to communicate with external command&control and know how to read interesting data or send interesting effectful commands to the mainboard. Making the main board fail arbitrarily would be easy, but controlling the board or exfiltrating data is hard.

"communicate with external command&control and know how to read interesting data or send interesting effectful commands to the mainboard" is hard only in the sense that it takes some effort; however, this requires pretty much the same capabilities and skills as every engineered malware we've encountered, so you can assume that every serious adversary can do it. Not only nation-state adversaries but also many serious commercial pentesting companies and cybercrime teams have demonstrated such capabilities.
I can imagine an attacker that can make the "hard" software required but doesn't have the capability to insert that modified hardware within a supply chain - as in, it's not even an assumption; for pretty much every intelligence agency it's known that they can easily do software which "would need to communicate with external command&control and know how to read interesting data or send interesting effectful commands to the mainboard" - even just counting things that have failed (because we've detected and analyzed and attributed them), there's clear evidence that they can do it because they've done it many times.
I literally can't imagine an agency that can pull off the supply chain attack but doesn't have the capability to write software to control the board and exfiltrate data.