How is a hardware hack different than a software hack? Hardware Hack vs. Software Hack: • Hardware hack involves physically tampering with computer parts, while a software hack involves exploiting software weaknesses. • Hardware hacks need physical access, while software hacks can be done remotely.
What are the two ways for spies to alter a computer's hardware? Two Ways for Spies to Alter Hardware: • Inserting Malicious Chips: Spies may secretly put harmful chips into computers. • Supply Chain Attack: Spies manipulate the production process to get compromised components into devices.
Explain how the hack worked. • Supply Chain Manipulation: The adversary infiltrates a manufacturer's facility that produces the specific computer's microchips. They introduce a malicious chip into the production process without the manufacturer's knowledge. • Distribution: The compromised chips are distributed to various computer manufacturers using them in their products. The targeted government agency purchases computers containing these compromised chips. • Exploitation: The malicious chip may have a backdoor or vulnerability that the adversary can exploit remotely. They gain access to the compromised computers within the government agency's network. • Data Exfiltration: The adversary collects sensitive data from compromised computers, conducts espionage, or carries out other malicious activities.
How were investigators able to trace the chips back to the source? Tracing Back to the Source: • Detect Suspicious Activity: Investigators spot unusual computer behavior. • Investigation: They analyze the computer and find the sneaky chip. • Trace Supply Chain: They follow the chip's path back to where it was made. • Attribution: Authorities figure out who did it through investigation and intelligence work.
Lab: https://docs.google.com/document/d/148UqronpHVabiu5KEluSbL7bujQr6LXz8qe8pcNEhiM/edit?usp=sharing