Subj : Attacks from nation-states targeting physical device supply chain To : All From : TechnologyDaily Date : Mon Aug 05 2024 17:00:05 Attacks from nation-states targeting physical device supply chains posing a rising threat Date: Mon, 05 Aug 2024 15:56:11 +0000 Description: Supply chains attacks by nation states are becoming more dangerous than ever, report warns. FULL STORY ====================================================================== A growing number of businesses believe they have been impacted by hardware supply chain attacks from nation-state threat actors - with 29% of US firms believing they have been targeted. Researchers from HP Wolf Security surveyed 800 IT and security decision makers (ITSDM) to investigate perceived threats aimed at device hardware and firmware within the physical supply chain. Over a third of those studied believed they had been targeted by nation-state actors attempting to interest malicious hardware or firmware into devices - and half said they were concerned they cannot verify PC, laptop, or printer hardware hasnt been tampered with in transit. Supply chain security The organizations studied were overwhelmingly concerned with physical targets like PCs, laptops, and printers within the supply chain, with 91% believing that nation-state actors will use malicious components to attack hardware. Uncertainty is rising, with 78% of ITSDMs saying their attention to software and hardware supply chain security will grow as attackers try to infect devices during transit. Hardware and firmware attacks are particularly alarming as particularly difficult to detect, remove, and remediate. Security tools sit within the operating system, so devices that have been tampered with are hard to identify. Once an attacker has compromised the hardware or firmware of a device, they have complete control over the appliance, and can see anything the machine is used for. In todays threat landscape, managing security across a distributed hybrid workplace environment must start with the assurance that devices havent been tampered with at the lower level, said Boris Balacheff, HPs Chief Technologist for Security and Research Innovation. Going forward, HP recommends organizations monitor compliance of device hardware and firmware configuration across all devices, as well as securely managing firmware configurations and adopting platform certificate technology to verify hardware integrity. More from TechRadar Pro Report finds macOS fares worse than Windows and Linux at preventing cyber attacks Downloaded something dodgy? It could be time to deploy the best firewall tools Enhance your security with the best endpoint protection ====================================================================== Link to news story: https://www.techradar.com/pro/attacks-from-nation-states-that-target-physical- device-supply-chains-pose-rising-threat --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .