• freagle@lemmygrad.ml
    ·
    2 months ago

    This wasn't need shit. This was a supply chain attack. Most people saw supply chain attacks as pure cyber - backdoors, remote listening, etc. This is the first supply chain attack I know of that added lethality. This is something every organization is going to look for on all electronics shipments now.

    • Barx [none/use name]
      ·
      2 months ago

      If you are supplying thousands of devices to an org the first thing you should do is verify the supply chain / your infosec around the ordering process and then disassemble some when they arrive. All it requires is a screwdriver and a spudger at most. Personally, I would have been looking out for recording devices or GPS devices, but you would also discover the bomb material if you did this.