Latest Headlines
HP Study: Global Hardware Supply Chain Attacks Growing
Olawale Ajimotokan
There is a growing global concern over hardware supply chain attacks.
According to a recent study conducted by HP Wolf Security, it was discovered that 19 per cent of businesses had been impacted by nation-state threat actors targeting physical supply chains.
The survey was conducted by Censuswide on behalf of HP Inc. from February 22 – March 5, 2024, among 803 IT and security decision-makers in the US, Canada, UK, Japan, Germany, and France.
The report added that 29 per cent of businesses in the US have reported such incidents.
The study highlighted further the need for organisations to focus on device hardware and firmware integrity.
Among other key findings of the report, it was stated that 35 per cent of organisations believed they or others they know had been impacted by nation-state threat actors targeting supply chains to insert malicious hardware or firmware.
Also 91 per cent of organisations believed nation-state threat actors would target physical supply chains to insert malware or malicious components, while 63 per cent feared the next major nation-state attack would involve poisoning hardware supply chains.
Expert insights by Principal Threat Researcher at HP Security Lab, Alex Holland said system security relies on strong supply chain security, starting with the assurance that devices are built with intended components and haven’t been tampered with during transit.
“If an attacker compromises a device at the firmware or hardware layer, they will gain unparalleled visibility and control,” Holland said.
In the light of the report, 78 per cent of IT security decision-makers said their attention to software and hardware supply chain security would grow as attackers try to infect devices during transit.
Also 51 per cent raised concern they cannot verify if PC, laptop, or printer hardware and firmware have been tampered with during transit.
In addition 77 per cent said they needed a way to verify hardware integrity to mitigate the risk of device tampering.
HP Wolf Security advises customers to adopt Platform Certificate technology to verify hardware and firmware integrity upon device delivery and
securely manage firmware configuration using technology like HP Sure Admin or HP Security Manager.