
Preparing Students for Hardware‑Level Cyber Risks

by  Dr. Gene Lloyd     Jan 30, 2026

Imagine if your internet service provider were expanding, and they decided to give contracts to companies from a foreign nation to replace the infrastructure. What would happen if that company were working with their home nation to install machine-level spyware that could surreptitiously monitor connectivity? How could the global economic system that allows billions of dollars of computer equipment to be shipped worldwide be leveraged into the possibility for a foreign nation to establish a spy network in another country? Is this a far-fetched idea or a real probability? Some would argue it is already happening and that we need our newest cybersecurity professionals to be trained in the classroom about the importance of where equipment and services are sourced. 

Professors often train cybersecurity students in the hands-on actions needed to secure a network, how to analyze internet protocols to identify nefarious activity, and the methods we need to put in place to keep our systems secure. We teach security-conscious programming techniques that lessen or eliminate the possibility of code that malware can later take advantage of, and the importance of regular patching and updating as problems are discovered in older sections of code. And we press our users to maintain vigilance in their internet activity to keep from opening a door that allows hackers to sneak past all of our defenses. But we rarely talk about the source of hardware and the bigger picture of how security should be a consideration in our overall infrastructure. 

Why Firmware Integrity Matters

Just one router on a network with an extra chip or line of firmware code that copies and sends data to foreign nations is enough to destroy one's privacy. And if that router is managing traffic before it touches a VPN, the powerful encryption is defeated before it is ever applied. This is where thinking outside the box is so important for today's cybersecurity students. Thirty years ago, we taught much simpler concepts without the need for this level of detail, but today, professors need to consider what the next big threat will be and prepare their students for that likelihood.

Real‑World Examples of Covert Data Collection 

Many will remember the Chinese balloon incident from 2023, when high-altitude balloons were discovered flying over portions of America and other nations. It was assumed that these balloons were collecting information using powerful cameras or radio equipment, and as the investigation ensued, these same types of balloons were also found high above other nations. It quickly became an international incident, and all the involved nations clammed up about the purpose of these devices, using the classic government-secrets approach. It didn’t take a savvy cybersecurity professional to figure out there was a spy operation in place.  

Around the same time, the U.S. Government began considering the creation of laws that would ban specific types of Chinese-made electronics, specifically drones, that could feasibly collect data and transmit it back to China over the internet. At least one of those laws has since been put in place, and it should be a red flag for security-minded professors that perhaps something suspicious exists in the firmware of these drones. This is cybersecurity leaving the network to look at millions of devices that have the potential to be a free intelligence collection operation.

These are two real-world examples that could feasibly involve any nation. The same concerns about spy balloons and potentially malicious data-collecting drones should exist regardless of the nation of origin. I often write in my articles about the importance of considering where the next attack may originate, even if the technology for such an attack does not yet exist. The potential for embedded malicious code on telecommunication devices is feasible today, as is the possibility of using consumer electronics to collect mass quantities of information. The plausibility of these types of attacks should prompt professors to push their students into considering real-world possibilities apart from what has historically been considered the standard threats.

Cybersecurity Classroom Assignments for Hardware‑Level Threats 

How do we do this in a practical sense within the classroom? This part is easy. Professors should think about creative assignments that can be used to research the risk level of using devices from a foreign manufacturer. Some potential topics to consider are: 

  • Analyze foreign-manufactured networking hardware or IoT devices that may introduce vulnerabilities, compromised firmware, hidden backdoors, or insecure update mechanisms, and evaluate their potential impact on confidentiality, integrity, and availability.

  • Research the potential for foreign-made mobile applications or cloud offerings to covertly collect sensitive organizational or governmental information, and determine the risk.

  • Examine how reliance on foreign-developed technologies can impact a network's security posture, with geopolitical tensions in mind, and the impact on long-term resilience for critical infrastructure systems.

Each of these topics will push the student to consider the possibility of widening the range of potential threats. It is easy to look for all the common attacks we have seen over the past decade. This type of defense should continue, but needs to be augmented by the possibility of what is coming next. Professors often teach about unknown zero-day attacks that could strike anywhere at any time, and the importance of looking for activity that is not indicative of normal network traffic to catch these types of attacks before they can be successful. We can take this further by looking at the hardware that could conceivably be used as a launch platform for the next big attack.  
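As an added classroom exercise (not part of the original article), the Python below applies the idea of looking for abnormal traffic to the router scenario described earlier: if client traffic is supposed to leave only inside a VPN tunnel, any large flow the router itself sends elsewhere deserves an explanation. The flow records, addresses, port numbers, baseline and threshold are all constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed WAN-side flow records (src, dst, dst_port, bytes_out), as a tap
# upstream of the router might export them. Addresses are documentation ranges.
ROUTER_WAN = "198.51.100.10"
FLOWS = [
    ("198.51.100.10", "203.0.113.5", 51820, 48_200_000),  # VPN tunnel
    ("198.51.100.10", "203.0.113.53", 123, 4_800),        # NTP
    ("198.51.100.10", "192.0.2.77", 443, 9_600_000),      # unexplained
    ("198.51.100.10", "192.0.2.77", 443, 8_900_000),      # unexplained
    ("198.51.100.10", "203.0.113.80", 443, 120_000),      # vendor update check
]

# Assumed baseline: the only destinations this router has a documented reason to reach.
BASELINE = {
    "vpn-endpoint": (ip_network("203.0.113.5/32"), {51820}),
    "ntp": (ip_network("203.0.113.53/32"), {123}),
    "vendor-update": (ip_network("203.0.113.80/32"), {443}),
}

def classify(dst, port):
    """Return the baseline label a flow matches, or None if it is unexplained."""
    addr = ip_address(dst)
    for label, (net, ports) in BASELINE.items():
        if addr in net and port in ports:
            return label
    return None

def unexplained_egress(flows, router=ROUTER_WAN, min_bytes=1_000_000):
    """Total bytes per (dst, port) that the router sent outside its baseline."""
    totals = defaultdict(int)
    for src, dst, port, nbytes in flows:
        if src == router and classify(dst, port) is None:
            totals[(dst, port)] += nbytes
    # Report only destinations carrying enough volume to look like copied traffic.
    return {k: v for k, v in totals.items() if v >= min_bytes}

def mirror_ratio(flows, router=ROUTER_WAN):
    """Unexplained bytes as a fraction of tunnel bytes; near zero is expected."""
    tunnel = sum(b for s, d, p, b in flows
                 if s == router and classify(d, p) == "vpn-endpoint")
    extra = sum(unexplained_egress(flows, router, min_bytes=0).values())
    return extra / tunnel if tunnel else float("inf")

if __name__ == "__main__":
    print(unexplained_egress(FLOWS))
    print(round(mirror_ratio(FLOWS), 2))
```

Students can extend the baseline from vendor documentation and discuss what a non-zero ratio does and does not prove about the device's firmware.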

Imagine again if your internet service provider were expanding, and they decided to give contracts to companies from a foreign nation to replace the infrastructure. How would you train your students to analyze these types of business transactions and to advise their customers on the need to thoroughly review every piece of firmware before connecting any foreign-made device to the network? It is an avenue of attack that we just may see in the near future.
