Supply chain attacks are scary, but there are plenty of other hardware-based issues organizations should be worrying about before they have to panic about the complex malicious implants in their servers.
Hardware security researcher Joe FitzPatrick explains how non-experts should assess claims of hardware implants and backdoors.
Dennis Fisher speaks with hardware security researcher Joe FitzPatrick about finding and verifying hardware implants.
The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency warned in an advisory that cardio defibrillators from medical device company Medtronic can be modified while still implanted in patients. Without access control, the defibs can't differentiate between authorized and unauthorized instructions.
Joe FitzPatrick, one of the small number of hardware security experts, says security teams and operators need to ask hard questions when they see claims of malicious hardware implants.