Skip to Main Content

The future of cybersecurity is in the hands of hardware engineers.

While we commonly hear about cyberattacks on software, hackers are becoming increasingly focused on hardware.

Semiconductor integrated circuits, also known as computer chips, are the powerhouses that essentially run all hardware. The functionality of our everyday hardware such as cell phones, computers, refrigerators and even airplanes and electric grids are all dependent on a singular chip. Given that the majority of items we consider essential to our lives are run through a chip, the global chip market is estimated to total $364.1 billion in 2017 and Cisco estimates over 50 billion additional Internet-connected devices will come online by 2020.

As chips are the control centers to our digital world, it’s no surprise that if a chip were maliciously tampered with by a hacker it could cause a detrimental effect on any individual who depends on the chip. Hardware engineers, particularly design engineers, must think like a hacker in order to stop hardware cyber crime. In this blog post, we’ll discuss the two most common ways cyber crimes involving hardware attacks are committed so that hardware engineers can create hardware that is protected from attacks.

Overseas Hardware Production

When U.S. companies cut tech department budgets, they often outsource hardware manufacturing overseas to keep production costs low. While overseas outsourcing enables organizations to keep their costs low, it also increases their vulnerability for malicious modifications (attacks) from engineers working on the hardware, resulting in a far greater cost for the organization. While many overseas partnerships result in great work, the fact of the matter is that U.S. companies are outsourcing to economically competing countries, and the delocalization of hardware production poses security threats on Western products. Remember the great McDonald’s MP3 disaster? 10,000 lucky winners of a McDonald’s contest won an MP3 player with 10 already downloaded songs. But when the so-called lucky winners connected the MP3 player to their computers, they unknowingly installed Trojan malware onto their PCs that collected their personal data—the MP3 player had been hacked.

Hardware engineers have to build their case more than ever to their tech teams that their role is needed in preserving the integrity of chips and avoiding hardware attacks in an overseas design process. While employee hardware attacks certainly happen on local grounds within organizations, when the access to chip production and information is compartmentalized and limited to a local team, they’re much less likely to happen.

Hardware that Lacks Proper Security

The most common hardware attacks include:

  • Backdoor creations
  • Gaining access to chip memory
  • Inducing faults, causing the interruption of normal behavior
  • Hardware tampering

As hardware engineers understand the intentions behind hardware hacks, they’re able to develop more robust testing processes designed to reveal carefully constructed and hidden deliberate flaws to chips. Scott Borg, director of the U.S. Cyber Consequences Unit, encourages hardware designers to think about how they lay out certain functions in the beginning of the design process, and says that the focus should be on security from the start rather than retrofitting security onto an already completed system. Hardware engineers need to look at the chips they’re building from the lens of a hacker to understand how the attacker would benefit from hacking the hardware and then minimize the hacking chances at the ground level.

The increase in hardware attacks and overall emerging awareness of hardware vulnerability to cybercrime creates opportunities for employment in hardware positions, which are expected to increase by almost 10 percent by 2020. To tap into the open hardware market, hardware engineers must understand how hackers think to help hardware teams build the best hardware and avoid detrimental hardware attacks.

Ready to explore open hardware positions? Click here!