Supply Chain Attack (Hardware)

A hardware supply chain attack compromises a device before it ever reaches the end user, by inserting malicious functionality or vulnerabilities at some point in its manufacturing, distribution, or logistics path. NIST defines supply chain attacks as those that let adversaries use implants or pre-installation vulnerabilities to infiltrate or manipulate hardware, firmware, peripherals, or services anywhere along the chain. Because the tampering happens upstream, the buyer receives a device that is compromised out of the box.

Attack Vectors

Common methods include malicious implants, hidden hardware added during fabrication or assembly; counterfeit components substituted for genuine parts that haven't been verified; and tampered firmware or BIOS flashed before shipment. A related threat is the hardware Trojan, a malicious circuit modification that can leak secrets through a side channel, disable functionality on command, or alter behavior. Interdiction, intercepting a device in transit to modify it, is another route, blurring the line between supply-chain and evil-maid attacks.

Reducing Exposure

No buyer can fully audit a global supply chain, but risk can be lowered. Source devices directly from the manufacturer or trusted resellers rather than third-party marketplaces; verify tamper-evident packaging on arrival; and confirm firmware authenticity through vendor-published checksums and signature verification before first use. Open, auditable hardware and reproducible firmware builds further shrink the trust you must place in any single party, a core reason the sovereign-computing community favors open designs.

This threat overlaps with the evil maid attack when interdiction occurs in transit, and with the hardware backdoor that an implant may install. Verifying firmware on arrival is a key defense.