CAPEC-520 - Counterfeit Hardware Component Inserted During Product Assembly

An attacker with either direct access to the product assembly process or to the supply of subcomponents used in the product assembly process introduces counterfeit hardware components into product assembly. The assembly containing the counterfeit components results in a system specifically designed for malicious purposes.

Severity

Likelihood

Confidentiality

Integrity

Availability

High level: Resources to maliciously construct components used by the manufacturer.

High level: Resources to physically infiltrate manufacturer or manufacturer's supplier.

The attacker will need either physical access or be able to supply malicious hardware components to the product development facility.