An attacker substitutes out a tested and approved hardware component for a maliciously-altered hardware component. This type of attack is carried out directly on the system, enabling the attacker to then cause disruption or additional compromise.
Attack Prerequisites
Physical access to the system or the integration facility where hardware components are kept.
Typical Severity
High
Typical Likelihood of Exploit
Likelihood: Low
The nature of these type of attacks involve a coordinated effort between well-funded multiple attackers, and sometimes require physical access to successfully complete an attack. As a result these types of attacks are not launched on a large scale against any potential victim, but are typically highly targeted against victims who are often targeted and may have rather sophisticated cyber defenses already in place.
Examples-Instances
Description
An attacker has access to an organization's warehouse of card readers being included as a part of an overall security system. By replacing a critical hardware component in the card reader, the attacker is able to alter the function of the card reader to allow an attacker-supplied card to bypass a security checkpoint. The card reader is placed in the warehouse, and later used in the victim's security system. The attacker is then able to go to the victim and use their own card and bypass a physical security checkpoint and gain access to the victim's location for further malicious activity.
Attacker Skills or Knowledge Required
Skill or Knowledge Level: High
Able to develop and manufacture malicious system components that perform the same functions and processes as their non-malicious counterparts.
Hardware Component Substitution After Installation
More information is available — Please select a different filter.
Page Last Updated or Reviewed:
August 04, 2017
Use of the Common Attack Pattern Enumeration and Classification dictionary and classification taxonomy, and the associated references from this website, are subject to the
Terms of Use. For more information, please email
capec@mitre.org.