Supply Chain Compromise: Compromise Hardware Supply Chain
Other sub-techniques of Supply Chain Compromise (3)
|T1195.001||Compromise Software Dependencies and Development Tools|
|T1195.002||Compromise Software Supply Chain|
|T1195.003||Compromise Hardware Supply Chain|
Adversaries may manipulate hardware components in products prior to receipt by a final consumer for the purpose of data or system compromise. By modifying hardware or firmware in the supply chain, adversaries can insert a backdoor into consumer networks that may be difficult to detect and give the adversary a high degree of control over the system. Hardware backdoors may be inserted into various devices, such as servers, workstations, network infrastructure, or peripherals.
Use Trusted Platform Module technology and a secure or trusted boot process to prevent system integrity from being compromised. Check the integrity of the existing BIOS or EFI to determine if it is vulnerable to modification.  
Perform physical inspection of hardware to look for potential tampering. Perform integrity checking on pre-OS boot mechanisms that can be manipulated for malicious purposes.