this post was submitted on 18 Sep 2024
174 points (100.0% liked)
World News
2304 readers
103 users here now
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
This wasn't need shit. This was a supply chain attack. Most people saw supply chain attacks as pure cyber - backdoors, remote listening, etc. This is the first supply chain attack I know of that added lethality. This is something every organization is going to look for on all electronics shipments now.
If you are supplying thousands of devices to an org the first thing you should do is verify the supply chain / your infosec around the ordering process and then disassemble some when they arrive. All it requires is a screwdriver and a spudger at most. Personally, I would have been looking out for recording devices or GPS devices, but you would also discover the bomb material if you did this.