this post was submitted on 18 Sep 2024
174 points (100.0% liked)

World News

2304 readers
103 users here now

founded 4 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[โ€“] freagle@lemmygrad.ml 22 points 1 month ago (1 children)

This wasn't need shit. This was a supply chain attack. Most people saw supply chain attacks as pure cyber - backdoors, remote listening, etc. This is the first supply chain attack I know of that added lethality. This is something every organization is going to look for on all electronics shipments now.

[โ€“] Barx@hexbear.net 1 points 1 month ago

If you are supplying thousands of devices to an org the first thing you should do is verify the supply chain / your infosec around the ordering process and then disassemble some when they arrive. All it requires is a screwdriver and a spudger at most. Personally, I would have been looking out for recording devices or GPS devices, but you would also discover the bomb material if you did this.