Home > CAPEC List > CAPEC-531: Hardware Component Substitution (Version 2.10)  

CAPEC-531: Hardware Component Substitution

 
Hardware Component Substitution
Definition in a New Window Definition in a New Window
Attack Pattern ID: 531
Abstraction: Detailed
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

An attacker substitutes out a tested and approved hardware component for a maliciously-altered hardware component. This type of attack is carried out directly on the system, enabling the attacker to then cause disruption or additional compromise.

+ Attack Prerequisites

  • Physical access to the system or the integration facility where hardware components are kept.

+ Typical Severity

High

+ Typical Likelihood of Exploit

Likelihood: Low

The nature of these type of attacks involve a coordinated effort between well-funded multiple attackers, and sometimes require physical access to successfully complete an attack. As a result these types of attacks are not launched on a large scale against any potential victim, but are typically highly targeted against victims who are often targeted and may have rather sophisticated cyber defenses already in place.

+ Examples-Instances

Description

An attacker has access to an organization's warehouse of card readers being included as a part of an overall security system. By replacing a critical hardware component in the card reader, the attacker is able to alter the function of the card reader to allow an attacker-supplied card to bypass a security checkpoint. The card reader is placed in the warehouse, and later used in the victim's security system. The attacker is then able to go to the victim and use their own card and bypass a physical security checkpoint and gain access to the victim's location for further malicious activity.

+ Attacker Skills or Knowledge Required

Skill or Knowledge Level: High

Able to develop and manufacture malicious system components that perform the same functions and processes as their non-malicious counterparts.

+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2014-06-23Internal_CAPEC_Team
Modifications
ModifierOrganizationDateCommentsSource
CAPEC Content TeamThe MITRE Corporation2015-11-09Updated Attack_Prerequisites, Description Summary, Examples-Instances, References, Related_Attack_Patterns, Typical_Likelihood_of_ExploitInternal
Previous Entry Names
DatePrevious Entry Name
2015-11-09Hardware Component Substitution After Installation
More information is available — Please select a different filter.
Page Last Updated or Reviewed: May 01, 2017
 

Use of the Common Attack Pattern Enumeration and Classification dictionary and classification taxonomy, and the associated references from this website, are subject to the Terms of Use. For more information, please email capec@mitre.org.

CAPEC is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright © 2007 - 2017, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation.

Privacy policy
Terms of use
Contact us