The IT Law Wiki

Supply chain attack

32,068pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

A supply chain attack is an attack through subversion of hardware or software supply chain.

Overview Edit

It can be viewed as another type of insider threat. Access through a hardware supply chain may require development and manufacturing of a subverted version of a microelectronic component and a complicated operation to insert the device into the targeted computer, possibly through use of insiders in the supply chain.

A software supply chain attack might involve, for example, a subversion embedded in lower-level system software not likely to be evaluated during testing. Another approach is to subvert the master copy of software used for broad distribution. Even if the software is tested, subversions may be difficult to detect since they would typically be revealed only under circumstances difficult for a defender to discover.

Source Edit

Also on Fandom

Random Wiki