Definition

equipment destruction attack

Part of the Malware glossary:

An equipment destruction attack, also known as a hardware destruction attack, is an exploit that destroys physical computer and electronic equipment.

Equipment destruction attacks can be enabled simply as a result of physical access to the computer hardware, along with a tool for attack – which could also be as simple as a hammer or a cup of coffee. However, remotely-initiated malware can also be used to destroy computer equipment. It’s commonly believed that malware cannot affect computer hardware and that a format of the hard disk is the most extreme measure required to fix an issue. In reality, however, a number of equipment destruction attacks have been fully documented.

Stuxnet is one vivid example of a hardware destruction attack. Stuxnet is a worm rootkit that affects Supervisory Control and Data Acquisition (SCADA) systems. SCADA systems control water and sewage plants, telecommunications, oil and gas refining systems as well as nuclear and other power plants. According to an article in the New York Times, it is likely that the United States and Israeli governments developed Stuxnet as a joint project. According to the authors, Israel has used the malware to attack Iranian nuclear power plant centrifuges, destroying several of them.

A few other examples:

  • Using equipment similar to a frequency jammer, an attacker can use an over-powered and focused radio signal to break sensitive chips in Wi-Fi access points.
  • At an RSA security conference demo, security company Crowdstrike forged an Apple firmware update for the Macintosh ACPI (advanced configuration and power interface) embedded controller. The forged update contained code that stuck CPU usage at 100 percent and turned off the device’s fans. A number of components were destroyed by heat and the systems were rendered unusable.
  • The same level of control demonstrated by Crowdstrike is available to BadBIOS, which could easily enable similar methods for hardware destruction.

This was last updated in July 2014
Contributor(s): Matthew Haughn
Posted by: Margaret Rouse

Related Terms

Definitions

  • malware testing

    - Malware testing is the practice of subjecting malicious programs to software testing tools and procedures designed to assess the viability of legitimate applications. Malicious software developers ... (WhatIs.com)

  • domain generation algorithm (DGA)

    - A domain generation algorithm or DGA is a computer program used to create domain names, typically for the purpose of propagating remotely controlled Web-based malware. (SearchSecurity.com)

  • pre-installed malware

    - Pre-installed malware is malicious software that is put on a machine before it is delivered to the user. New devices are usually assumed to be uncompromised but there are numerous reports of malwar... (WhatIs.com)

Glossaries

  • Malware

    - Terms related to malware, including definitions about viruses and Trojans and other words and phrases about malicious software.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About equipment destruction attackPowered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.