Supply Chain Compromise: Compromise Hardware Supply Chain

Other sub-techniques of Supply Chain Compromise (3)

ID	Name
T1474.001	Compromise Software Dependencies and Development Tools
T1474.002	Compromise Hardware Supply Chain
T1474.003	Compromise Software Supply Chain

Adversaries may manipulate hardware components in products prior to receipt by a final consumer for the purpose of data or system compromise. By modifying hardware or firmware in the supply chain, adversaries can insert a backdoor into consumer networks that may be difficult to detect and give the adversary a high degree of control over the system.

ID: T1474.002

Sub-technique of: T1474

Tactic Type: Post-Adversary Device Access

ⓘ

Tactic: Initial Access

ⓘ

Platforms: Android, iOS

ⓘ

MTC ID: SPC-1, SPC-2, SPC-4, SPC-5, SPC-6, SPC-7, SPC-8, SPC-13, SPC-16, SPC-17, SPC-21

Version: 1.1

Created: 28 March 2022

Last Modified: 24 October 2025

Version Permalink

Live Version

Mitigations

ID	Mitigation	Description
M1001	Security Updates	Security updates may contain patches to integrity checking mechanisms that can detect unauthorized hardware modifications.

Detection Strategy

ID	Name	Analytic ID	Analytic Description
DET0604	Detection of Compromise Hardware Supply Chain	AN1653	Integrity checking mechanisms can potentially detect unauthorized hardware modifications.
DET0604	Detection of Compromise Hardware Supply Chain	AN1654	Integrity checking mechanisms can potentially detect unauthorized hardware modifications.