Naziv |
Infiltration of Hardware Development Environment |
---|---|
Sažetak | An attacker, leveraging the ability to manipulate components of primary support systems and tools within the development and production environments, inserts malicious software within the hardware and/or firmware development environment. The infiltration purpose is to alter developed hardware components in a system destined for deployment at the victim's organization, for the purpose of disruption or further compromise. |
Preduvjeti | The victim must use email or removable media from systems running the IDE (or systems adjacent to the IDE systems).|The victim must have a system running exploitable applications and/or a vulnerable configuration to allow for initial infiltration.|The attacker must have working knowledge of some if not all of the components involved in the IDE system as well as the infrastructure. |
Rješenja | no |