Hardware or software supply chain implant

During production and distribution, the placement of software, firmware, or a CPU chip in a computer, handheld, or other electronic device that enables an adversary to gain illegal entrance. [1] [2]

ID: T1365
Sub-techniques:  No sub-techniques
Tactic: Stage Capabilities
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018


Detectable by Common Defenses (Yes/No/Partial): No

Explanation: The number of elements and components in a supply chain of HW or SW is vast and detecting an implant is complex for SW, but more complex for HW.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): No

Explanation: Access to the supply chain by an adversary can be a challenging endeavor, depending on what element is attempting to be subverted.


  1. Tash Shifrin. (2006, October 16). Malware forces McDonald’s recall of giveaway MP3s. Retrieved March 9, 2017.
  1. Brandon Hill. (2007, November 14). Seagate Serves External HDDs with a Side of Virus. Retrieved March 9, 2017.