#BHUSA: Nation-State Attacks Target Hardware Supply Chains

by admin 0 Comments

Security
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

A new report from HP Wolf Security has highlighted the growing danger from threat actors targeting physical device supply chains with 19% of organizations saying they have been impacted by nation-state threat actors targeting physical PC, laptop or printer supply chains.

Of the 800 IT and security decision makers surveyed, almost all (91%) believe nation-state threat actors will target physical PC, laptop or printer supply chains to insert malware or malicious components into hardware and/or firmware.

Meanwhile, over a third (35%) of organizations said that they or others they know have already been impacted by nation-state threat actors targeting supply chains to try and insert malicious hardware or firmware into devices.

“System security relies on strong supply chain security, starting with the assurance that devices are built with the intended components and haven’t been tampered with in the factory or during transit,” commented Alex Holland, Principal Threat Researcher in the HP Security Lab.

“If an attacker compromises a device at the firmware or hardware layer, they’ll gain unparalleled visibility and control over everything that happens on that machine. Just imagine what that could look like if it happens to the CEO’s laptop,” he said.

Around two-thirds (63%) of security leaders surveyed also believe that the next major nation-state attack will involve poisoning hardware supply chains to insert malware.

How to Manage Hardware and Firmware Security

HP Wolf Security has advised customers to take the following steps to help proactively manage device hardware and firmware security:

  • Adopt Platform Certificate technology, this is designed to enable verification of hardware and firmware integrity upon device delivery
  • Securely manage firmware configuration of devices
  • Take advantage of vendor factory services to enable hardware and firmware security configurations right from the factory
  • Monitor ongoing compliance of device hardware and firmware configuration across your fleet of devices

The HP Wolf Security survey was conducted from February 22 to March 5, 2024. It is based on a survey of 803 IT and security decision-makers in the US, Canada, UK, Japan, Germany and France. The survey was carried out online.

HP Wolf Security’s research was launched ahead of Black Hat USA 2024.

This article was originally published by Infosecurity-magazine.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

6 common Geek Squad scams and how to defend against them
Record $65m Settlement for Hacked Patient Photos
Malicious Actors Spreading False US Voter Registration Breach Claims
Irish Data Protection Regulator to Investigate Google AI
Google Fixes GCP Composer Flaw That Could’ve Led to Remote Code Execution

Leave a Reply

Your email address will not be published. Required fields are marked *