CERT warns supply chain vulnerabilities could expose national critical infrastructure

The National Cyber Emergency Response Team has issued a high urgency advisory warning that hostile actors may exploit hardware and software supply chains to infiltrate and disrupt national critical infrastructure. The advisory states that global supply chains have shifted from being a logistical concern to becoming a primary battleground for "state-sponsored sabotage and espionage". According to the document titled Securing National Critical Infrastructure Against Supply Chain Exploitation, attackers no longer rely solely on breaching network perimeters. Instead, they targeted the manufacturing, assembly and delivery stages of hardware and software used in sensitive installations to "compromise targets at scale". {{pdf}} The advisory noted that failure to secure the final delivery stage of hardware or to validate the build environment of software updates could expose entire sectors to systemic failure. Impact analysis warned of cascading disruptions across power systems, banking networks and healthcare facilities. The advisory also highlighted the risk of persistent backdoors, unlawful surveillance, tampered communication devices and the possibility of disabling defence capabilities without direct confrontation. These risks, it cautioned, could erode public trust in what were assumed to be secure national systems. CERT describes the threat profile as "highly targeted". Vulnerabilities linked to undisclosed vendor ownership, insecure transportation routes and unverified third-party software dependencies were identified as key exposure points. The advisory also listed indicators that organisations should monitor, including tampered seals, unexplained shipment delays, abnormal software update behaviour, and devices communicating with unknown command-and-control servers. Read: US Supreme Court to weigh Trump's power to limit asylum processing A series of mandatory and critical remediation steps was issued for government departments and critical infrastructure operators. These included the use of X-ray and acoustic microscopy to inspect bulk hardware shipments, sandboxing all software updates before deployment, full disclosure of vendor beneficial ownership and strict zero trust verification before integrating any device into operational networks. CERT also directed entities to segment administrative networks from general office traffic to contain potential breaches. The response framework outlined procedures for identifying compromised hardware, isolating affected batches, preserving physical evidence, switching to verified backup systems and conducting a full supply chain root cause analysis. Entities were also instructed to blacklist vendors that failed security evaluations and to report suspicious update behaviour or chain-of-custody anomalies without delay. The advisory follows recent concerns raised publicly about cyberattacks on domestic digital platforms and renewed calls for stronger defences across state institutions. While CERT did not identify any specific incident in the document, it reiterated that organisations must treat every incoming hardware delivery as a potential infiltration attempt and adopt stringent verification protocols to reduce exposure to rapidly evolving supply chain threats.