Posted May 27, 12:18 PM by ben
What happens when attacks are on physical commodities and their supply chains? Last week’s hubbub about counterfeit Cisco devices has created a bit of a stir. It’s easy when it’s software which can be corrected in a matter of months, but what happens when you can’t trust your hardware? It seems that Cisco’s current stance is to stand behind their supply chain.
This is a precarious position, indeed, it’s something the Oil industry is trying (and failing) too. The software (or anything virtual/logical) supply chain can be easily fixed as the turnaround time can be hours or days. What happens when release cycles last months or years? If such a supply chain is attacked, or simply can’t be trusted, then it’ll be a bigger issue of applying a few patches.
Think oil and energy, think food, think transportation, think how slow the military industrial complex is on reacting.
// :: current-events/ threats
Commenting is closed for this article.
This work by http://electricfork.com is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.
I lead an information security ops and response team. This site is a collection of interesting notes and brainstorms on the protecting from, detecting of, and responding to badness. You can read more about me or my site here.
You can subscribe to my blog via rss 
, or if you're looking for older items check out my archive of previous posts.
I organize a small infosec meetup in baltimore called charmsec. If you are looking for charmsec details you probably want to go here.
RSS