HP study reveals rise in nation-state attacks on supply chains

A recent HP study has disclosed a marked increase in nation-state attacks on hardware supply chains, placing businesses at heightened risk. The study, conducted by HP Wolf Security, surveyed 800 IT and security decision-makers (ITSDMs) responsible for device security, and the results paint a concerning picture.

Key findings reveal that nearly one in five (19%) organisations have already experienced incidents involving nation-state actors targeting their hardware supply chains. In the United States, this figure rises to 29%. Moreover, over a third (35%) of the respondents believe they or their peers have been affected by attempts to insert malicious hardware or firmware into devices. An overwhelming 91% predict that such attacks will continue to increase, with almost two-thirds (63%) anticipating that the next major nation-state attack will involve poisoning hardware supply chains to introduce malware.

Alex Holland, Principal Threat Researcher in the HP Security Lab, commented on the gravity of the situation: "System security relies on strong supply chain security, starting with the assurance that devices are built with the intended components and haven't been tampered with during transit. If an attacker compromises a device at the firmware or hardware layer, they'll gain unparalleled visibility and control over everything that happens on that machine. Just imagine what that could look like if it happens to the CEO's laptop."

Holland further highlighted the difficulty of detecting such attacks, noting, "Such attacks are incredibly hard to detect, as most security tools sit within the operating system. Moreover, attacks that successfully establish a foothold below the OS are very difficult to remove and remediate, adding to the challenge for IT security teams."

The study also reveals that over half (51%) of ITSDMs are concerned about their inability to verify whether PC, laptop, or printer hardware and firmware have been tampered with during transit. An additional 77% state that they need technology to ensure hardware integrity to mitigate the risks of tampering. 78% of ITSDMs say their attention to software and hardware supply chain security will grow as attackers increasingly focus on infecting devices during transit.

Boris Balacheff, Chief Technologist for Security Research and Innovation at HP Security Lab underlined the necessity of maintaining security in distributed hybrid workplace environments. "In today's threat landscape, managing security across a distributed hybrid workplace environment must start with the assurance that devices haven't been tampered with at the lower level. This is why HP is focused on delivering PCs and printers with industry-leading hardware and firmware security foundations designed for resilience, to allow organisations to manage, monitor and remediate device hardware and firmware security throughout the lifetime of devices, across the fleet," Balacheff explained.

In response to these challenges, HP Wolf Security advises businesses to adopt several measures to proactively manage device hardware and firmware security. These recommendations include adopting Platform Certificate technology to verify hardware and firmware integrity upon device delivery, using technologies like HP Sure Admin and HP Security Manager to securely manage firmware configuration remotely, and leveraging vendor factory services like HP Tamper Lock to enhance device security from the outset. They also suggest monitoring ongoing compliance of device hardware and firmware configuration across the fleet of devices.

Censuswide collected the survey data on behalf of HP between 22 February and 5 March 2024, involving IT and security decision-makers from the US, Canada, UK, Japan, Germany, and France.