CAPEC-444: Development Alteration

Description
An adversary modifies a technology, product, or component during its development so that a negative impact can be triggered once the system is deployed. Development alteration attacks include inserting malicious logic into the system's software, modifying or replacing hardware components, and other attacks that degrade the system while it is still being built. These attacks generally require insider access to modify source code or to tamper with hardware components. The altered product is then delivered to the user, where the negative impact can be leveraged at a later time.
Extended Description

Supply chain attacks from approved or trusted developers are extremely difficult to detect, as it is generally assumed that the quality control and internal security measures of these organizations conform to best practices. In some cases the malicious logic is intentional, embedded by a disgruntled employee, programmer, or individual with an otherwise hidden agenda. In other cases, the integrity of the product is compromised by accident (e.g., a lapse in the internal security of the organization results in a product becoming contaminated). In still other cases, the developer embeds a backdoor into a product to serve some purpose, such as product support, but discovery of the backdoor results in its malicious use by adversaries. It is also worth noting that this attack can occur during initial product development or throughout a product's sustainment.
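Alterations of this kind are hard to spot by inspection alone, so one check a practitioner can run is to compare the tree being built against a baseline manifest recorded earlier and authenticated with a key held outside the repository. The script below is an added example written for this page, not CAPEC content or any vendor's tooling; the directory layout, file contents, the hard-coded "support" credential and the signing key are all constructed for the demonstration.

```python
"""Added example: detect development-time alteration of a source tree by
comparing it to a keyed (HMAC) baseline manifest. Not CAPEC content; the
tree layout, file contents and signing key below are constructed for the demo."""
import hashlib
import hmac
import json
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """SHA-256 of a file, read in chunks so large artifacts are fine."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map every regular file (relative POSIX path) under root to its SHA-256."""
    manifest = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            manifest[p.relative_to(root).as_posix()] = sha256_file(p)
    return manifest


def sign_manifest(manifest: dict, key: bytes) -> str:
    """HMAC over a canonical JSON encoding, so key order cannot mask changes."""
    canon = json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canon, hashlib.sha256).hexdigest()


def verify_tree(root: Path, baseline: dict, signature: str, key: bytes) -> dict:
    """Compare the current tree against the baseline and report every deviation.
    The baseline itself is checked against its HMAC first, so an insider who
    rewrites the manifest but lacks the key cannot hide an edit."""
    report = {
        "signature_ok": hmac.compare_digest(sign_manifest(baseline, key), signature),
        "added": [], "removed": [], "modified": [],
    }
    current = build_manifest(root)
    for rel in sorted(set(baseline) | set(current)):
        if rel not in baseline:
            report["added"].append(rel)
        elif rel not in current:
            report["removed"].append(rel)
        elif baseline[rel] != current[rel]:
            report["modified"].append(rel)
    report["clean"] = report["signature_ok"] and not (
        report["added"] or report["removed"] or report["modified"])
    return report


def demo() -> dict:
    """Constructed scenario: baseline a small tree, then an insider plants a
    'support' backdoor in auth.py, adds a file, and forges a new manifest."""
    key = b"baseline-signing-key-held-outside-the-repo"  # constructed demo key
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "src").mkdir()
        (root / "src" / "auth.py").write_text(
            "def check(user, pw):\n    return verify_hash(user, pw)\n")
        (root / "src" / "main.py").write_text("from auth import check\n")
        baseline = build_manifest(root)
        signature = sign_manifest(baseline, key)
        clean_before = verify_tree(root, baseline, signature, key)["clean"]

        # Development-time alteration: a hard-coded 'support' credential.
        (root / "src" / "auth.py").write_text(
            "def check(user, pw):\n"
            "    if user == 'support' and pw == 'letmein':\n"
            "        return True\n"
            "    return verify_hash(user, pw)\n")
        (root / "src" / "helper.py").write_text("import socket\n")

        # The insider also regenerates the manifest to match the altered tree;
        # without the key it does not verify against the recorded signature.
        forged = build_manifest(root)
        forged_ok = verify_tree(root, forged, signature, key)["signature_ok"]

        report = verify_tree(root, baseline, signature, key)
        report["clean_before_alteration"] = clean_before
        report["forged_baseline_rejected"] = not forged_ok
        return report


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The baseline and its signature must be produced from a source snapshot that was reviewed independently of the developers who can write to the tree, and the key must not live in the repository or on the build host; otherwise the same insider who alters the code can re-baseline it.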

Severity :

High

Possibility :

Medium

Type :

Standard
Relationships with other CAPECs

This table shows the other attack patterns and high-level categories that are related to this attack pattern.

  • CAPEC-206: Signing Malicious Code
  • CAPEC-438: Modification During Manufacture
  • CAPEC-443: Malicious Logic Inserted Into Product by Authorized Developer
  • CAPEC-445: Malicious Logic Insertion into Product Software via Configuration Management Manipulation
  • CAPEC-446: Malicious Logic Insertion into Product via Inclusion of Third-Party Component
  • CAPEC-511: Infiltration of Software Development Environment
  • CAPEC-516: Hardware Component Substitution During Baselining
  • CAPEC-520: Counterfeit Hardware Component Inserted During Product Assembly
  • CAPEC-532: Altered Installed BIOS
  • CAPEC-537: Infiltration of Hardware Development Environment
  • CAPEC-538: Open-Source Library Manipulation
  • CAPEC-539: ASIC With Malicious Functionality
  • CAPEC-670: Software Development Tools Maliciously Altered
  • CAPEC-672: Malicious Code Implanted During Chip Programming
  • CAPEC-673: Developer Signing Maliciously Altered Software
  • CAPEC-678: System Build Data Maliciously Altered
  • CAPEC-691: Spoof Open-Source Software Metadata
Prerequisites

  • Access to the system during the development phase to alter and/or modify software and hardware components. This access is often obtained via insider access or by leveraging another attack pattern to gain permissions that the adversary would not normally have.
Skills required

Taxonomy mappings

Mappings to ATT&CK, OWASP and other frameworks.

Related CWE

A Related Weakness relationship associates a weakness with this attack pattern. Each association implies a weakness that must exist for a given attack to be successful.

Visit http://capec.mitre.org/ for more details.