Hardware cyber supply-chain attacks though electronic components

by David Fradis

The risks of and lack of solutions for cyber-based threats to supply chains are cause for growing concern within the #cybersecurity industry. The cost-driven market requires the use of commercially available off-the-shelf (COTS) components or just-in-time (JIT) manufacturing processes for electronic assemblies, of which most are produced in unsecured foreign facilities. In addition, pre-assembled components can be tampered with or altered, and their authenticity or integrity cannot be assured. These attacks can be launched by two methods:

Hardware cyber-attacks can be performed by inserting malware-firmware into a programmable component. The altered firmware allows the attacker access to the system. To facilitate this attack, the attacker needs to unmount the component from its package and interface it with a programming probe.

A more sophisticated approach was presented in the disputed “The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies,” published by Bloomberg in October 2018, about an alleged cyber-attack. The attackers engineered a component to pose as an innocent passive component. In this case, the component was designed to have the look-and-feel of an authentic component with embedded malicious hardware capabilities inserted during production.

Most believe that there is no effective way to stop the hardware-cyber infiltration through the supply chain. This is no longer true. Cybord’s system allows affordable scanning of all components before they are installed, even the cheap passive ones, and detect re-programmed and hardware engineered components. How can you be sure your hardware wasn’t hacked if you haven’t checked?!

https://www.linkedin.com/pulse/hardware-cyber-supply-chain-attacks-though-electronic-weiss-ph-d-/

Counterfeit Electronic Components – Unknowingly Usage Consequences

by David Fradis

Electronic components are the “raw materials” of the electronics industry. Nevertheless, there is no test procedure in place performing “incoming inspection” on this raw material. The overwhelming majority of the components are assembled without any testing, paving the way to a $30B fraud counterfeit industry. Most manufacturers use counterfeit components unknowingly.

Some may say: “If it works, who cares it’s counterfeit, right!?” Wrong! Do you want to be on a plane where the controls are made of fake parts, even if they seem to do the job? Here is why you don’t want counterfeit components in your system:

Counterfeit components may be cheap copies, recycled, rejected, old, or tampered components. Cheap copies are components that are built using low-quality materials, processes, and quality assurance. They may pass first functional testing; however, they are not the same as authentic ones. For example, a capacitor made by a decent manufacturer and a copy may roughly have the same capacitance, however, when operating under voltage bias the authentic capacitor will maintain its capacitance, while the copy will not. Whether this will cause failure to the system or not is a matter of luck. There is no practical way to do functional tests for all the components on the circuit-board under all possible operation conditions.

Another issue is old components posing as fresh ones. The component connection-leads determine the strength and quality of the soldering bond and its ability to withstand stress and time. The soldering leads age quickly because of chemical inter-metallic reactions and corrosion. This process is accelerated by poor storage conditions, humidity and temperature. A solder joint made with deteriorated leads may be strong enough to hold and pass the functional tests but statistically they will cause increased failure rates, lowering the system Mean Time Between Failures (MTBF). Again, testing all circuits for these kinds of statistical failures after assembly is simply inefficient and extremely expensive.

Just because a product passed manufacturing post-assembly inspection does not guarantee it is free of counterfeit components. The vast majority of counterfeit components pass through them without detection causing failures later on in the product life cycle and leading to poor quality and recalls. For that reason, many manufacturers are not aware of the extent of counterfeit components they use. It fails statistically later-on in the product life cycle and they never hear of it, which reduces their costumer’s trust. If they do get recalls, they rarely trace the failure back to a counterfeit component, they sign it off as the cost of doing business when in fact it can be easily avoided.

The global damage due to counterfeit components is estimated at $580B annually! Leaving it to luck and trust does not work well for the market. Make sure you use only authentic components. Test all the electronic components in your system! Cybord’s AI software tests 100% of the components before they are assembled. It independently assures and reports that only authentic, fresh and untampered components are used on each assembled board.

The growing threat of counterfeit and cyber components

by David Fradis

Cyberspace has made the world interconnected. Although this has significant advantages, it creates an opening for electronic attacks. Attackers are exploiting any vulnerability that they can find to threaten, steal, disrupt, or destroy information and services. There are many cyber vulnerabilities, but one that goes overlooked is the manufacturing and supply chain process of hardware. The growing globalized marketplace currently has very few, if any, security measures in place to protect against the counterfeiting of electronic hardware or the insertion of cyber components to infiltrate systems. This creates a significant problem for the market.

One of the gravest issues relates to the installation of “back-doors” in electronic hardware. The potential for “back-doors” being built into cyber components is a reality that puts entire systems at risk. Once these modifications or back-doors have been built into the hardware, they can be nearly impossible to detect, especially in the testing process. The miniaturization and complexity of electronics has made it nearly impossible to detect whether a part of a chip has been tampered with, built in, or compromised.

This counterfeit threat is a growing problem for businesses, costing millions of dollars a year in lost time, labor, and failed equipment. Over the past decade, there have been several cases in which U.S. law enforcement has seized millions of dollars in counterfeit parts and prevented their sale in sting operations. A Senate report from 2012 found “1,800 cases of counterfeit electronics parts involving over one million suspected parts.” Counterfeit parts have been found in aircraft made by Boeing and Lockheed Martin, to name a few. In 2018, the security nightmare came true when Bloomberg reported that Supermicro had been infiltrated by malicious cyber components that introduced a hardware back-door to the company’s server boards. These boards were installed in multiple high-profile locations including Amazon, CIA, the Navy, and more.

Unfortunately, the numbers continue to grow: there are significant examples of counterfeit and cyber-attack incidents that go unreported and even more cases that haven’t yet been identified. One can only imagine what effect an inserted cyber component may have on autonomous vehicles, military equipment or IoT devices.

The testing process can move beyond simply checking that electronic hardware is functioning as intended. Testing should act preventatively by verifying that every component assembled is 100% authentic, without being altered or tampered with. State of the art big-data technology can be used to learn and identify authentic and inauthentic components before they enter production.

Cybord delivers affordable, fully automated, AI, multi-physics, high throughput, 100% non-destructive component inspection and authentication. The system scans every component without removing them from their original packaging. It then uploads and processes the component using comprehensive AI-based, Big-Data algorithms, ensuring the security your product needs.

Software cyber security gets most of the attention, but “Zero-Trust” goes all the way to the hardware, where systems can be the most vulnerable.

The #Cybersecurity breach in electronic components

by David Fradis

Malicious cyber components are a serious threat to any electronic system’s users. Cyber infiltration is achieved by replacing authentic components with cyber engineered components that appear identical to the authentic ones. Modern engineered cyber components are the fruits of careful planning and designing by either high-level industrial powers or, in recently uncovered cases, by actors at a state level or a well-connected crime organization.

The cyber-attack seed is unknowingly sown by the electronic manufacturer that uses the substituted component reels in their assembly process. The manufacturers are doing their absolute best to mitigate counterfeit components assuming that the anti-counterfeiting measures are effective against cyber-engineered components. Unfortunately, this is not the case, mainly for two reasons:

Existing counterfeit mitigation standards do not require any test at all of components that were purchased from an authorized component distributor. The notion that the attacking organization is powerful enough to design and manufacture advanced cyber components but does not have the resources to infiltrate the authorized supply chain is nothing short of ridiculous. Nevertheless, not a single authorized component is tested.

Second, even tested components are randomly selected from the test poll. The typical sampling according to SAE AS6081 standard ratio is ~10% by visual defects inspection, ~0.1% by destructive tests that have some chance of detecting counterfeit components like dimensions, color permanency, decapsulation, and ~3% by X-ray. This sampling ratio is not effective against cyber engineered or counterfeit components that today are being dispersed among authentic components in the same reel or tray. The holes in the net are just too wide to catch the cyber components by this sampling ratio.

Unfortunately, the latest cyber infiltration events prove that using current counterfeit mitigation against cyber engineered components is not effective. One can only imagine what effect an inserted cyber component may have on autonomous vehicles, military equipment or medical devices.

Post-assembly mitigation is not satisfactory and doesn’t provides any relief. Cyber-attack can take different forms and many faces, from mass-data extraction to deteriorated functionality. It may be used to claim ransom or as a “Sleeper Agent” awaiting due date. You simply can’t afford malicious hardware in your organization. Only pre-assembly detection can prevent cyber component from infiltrating your organization.       

Modern testing should act precautionary by verifying that every component assembled is 100% tested. “Cybord” delivers affordable, fully automated, multi-physics, high throughput, 100% non-destructive component inspection and authentication. The system scans every component without removing it from its original packaging. It then uploads and processes the component using comprehensive AI-based, Big-Data algorithms, ensuring the security your product needs.

Software cyber security gets most of the attention, but “Zero-Trust” goes all the way to the hardware, where systems can be the most vulnerable.