- ITDM 2025 전망 | 금융 플랫폼 성패, 지속가능한 사업 가치 창출에 달렸다” KB국민카드 이호준 그룹장
- “고객경험 개선하고 비용은 절감, AI 기반까지 마련” · · · AIA생명의 CCM 프로젝트 사례
- 2025年、CIOはAIに意欲的に投資する - そしてその先も
- The best robot vacuums for pet hair of 2024: Expert tested and reviewed
- These Sony headphones eased my XM5 envy with all-day comfort and plenty of bass
Nation-State Attacks Target Hardware Supply Chains
A new report from HP Wolf Security has highlighted the growing danger from threat actors targeting physical device supply chains with 19% of organizations saying they have been impacted by nation-state threat actors targeting physical PC, laptop or printer supply chains.
Of the 800 IT and security decision makers surveyed, almost all (91%) believe nation-state threat actors will target physical PC, laptop or printer supply chains to insert malware or malicious components into hardware and/or firmware.
Meanwhile, over a third (35%) of organizations said that they or others they know have already been impacted by nation-state threat actors targeting supply chains to try and insert malicious hardware or firmware into devices.
“System security relies on strong supply chain security, starting with the assurance that devices are built with the intended components and haven’t been tampered with in the factory or during transit,” commented Alex Holland, Principal Threat Researcher in the HP Security Lab.
“If an attacker compromises a device at the firmware or hardware layer, they’ll gain unparalleled visibility and control over everything that happens on that machine. Just imagine what that could look like if it happens to the CEO’s laptop,” he said.
Around two-thirds (63%) of security leaders surveyed also believe that the next major nation-state attack will involve poisoning hardware supply chains to insert malware.
How to Manage Hardware and Firmware Security
HP Wolf Security has advised customers to take the following steps to help proactively manage device hardware and firmware security:
- Adopt Platform Certificate technology, this is designed to enable verification of hardware and firmware integrity upon device delivery
- Securely manage firmware configuration of devices
- Take advantage of vendor factory services to enable hardware and firmware security configurations right from the factory
- Monitor ongoing compliance of device hardware and firmware configuration across your fleet of devices
The HP Wolf Security survey was conducted from February 22 to March 5, 2024. It is based on a survey of 803 IT and security decision-makers in the US, Canada, UK, Japan, Germany and France. The survey was carried out online.
HP Wolf Security’s research was launched ahead of Black Hat USA 2024.