Abstract: Digital markets have quickly grown to international proportions, complexities in materials, development, and distribution have developed accordingly, resulting in market efficiency and, often overlooked, incalculable risks. There is a fine line between acceptable and irreconcilable risk, while some risks are mitigatable, others are not, and ignoring the facts has disproportionate consequences. This presentation will explore modern supply chain security risks through a technical deep dive of 5G infrastructure and the political battles surrounding it. However, a wider acknowledgment of the supply chain problem doesn’t make it go away. We need to understand the inherent hardware vulnerabilities exposed. Currently, confidence in hardware security relies too much on implicit trust — overlooking serious threats. Assurance in this area is hard-won, manual, and costly. To highlight this, several hardware implant techniques will be discussed, showcasing various attack methods as well as the point at which they are most likely to be exploited in a standard supply chain.

Bio: Sophia is the founder of Margin Research, a boutique security research firm based in New York City and the Hacker in Residence at NYU. Previously she has served at the NSA as well as a commercial security company. She is an alumnus of RPI, where she taught Modern Binary Exploitation and helped run RPISEC, the university CTF team. Her current work focuses on finding novel solutions to unique security problems, software vulnerabilities, and information operations.