ID | Name |
---|---|
T1195.001 | Compromise Software Dependencies and Development Tools |
T1195.002 | Compromise Software Supply Chain |
T1195.003 | Compromise Hardware Supply Chain |
Adversaries may manipulate hardware components in products prior to receipt by a final consumer for the purpose of data or system compromise. By modifying hardware or firmware in the supply chain, adversaries can insert a backdoor into consumer networks that may be difficult to detect and give the adversary a high degree of control over the system. Hardware backdoors may be inserted into various devices, such as servers, workstations, network infrastructure, or peripherals.
ID | Mitigation | Description |
---|---|---|
M1046 | Boot Integrity |
Use Trusted Platform Module technology and a secure or trusted boot process to prevent system integrity from being compromised. Check the integrity of the existing BIOS or EFI to determine if it is vulnerable to modification. [1] [2] |
ID | Data Source | Data Component | Detects |
---|---|---|---|
DS0013 | Sensor Health | Host Status |
Perform physical inspection of hardware to look for potential tampering. Perform integrity checking on pre-OS boot mechanisms that can be manipulated for malicious purposes and and compare against known good baseline behavior. |