
Beneath the solder mask: Why security teams need to think physically

12:00 Monday, 09 June 2025
Felix Ryan - You Gotta Hack That

“Just pins”: The vulnerabilities hiding in plain sight

“When was the last time your red team touched a soldering iron?”

In a world where AI-enabled attacks dominate headlines and cloud misconfigurations absorb entire assessment budgets, it’s easy to forget that under all these critical systems there are copper traces running through fibreglass boards. From Industrial Control Systems to smart fridges, the heartbeat of technology lies in the hardware—but how often does anyone look?

During a recent client assessment, a fairly well-secured network appliance with hardened credentials and up-to-date patching was undone by a small, overlooked serial debug header tucked just behind a sticker on the mainboard. No logs. No alerts. Just pins.

This article explores the strategic importance of PCB reverse engineering in modern security programmes, and how teams can bridge the physical gap that so often undermines otherwise mature defences.

The security industry’s hardware blind spot

Electronics and PCB-level security often remain out of scope, whether because of unfamiliarity, the perceived protection of being physically separated from the attacker, or the complexity and "dark arts" of attacking hardware. In 2025, that’s a gap threat actors are increasingly prepared to exploit to find their initial access.

Despite their foundational role in modern systems, electronics and PCBs are rarely given the same scrutiny as software or network infrastructure. Security reviews tend to stop at the operating system boundary. Everything below the OS hardware drivers, including the board layout, interconnects, and chip selections, is treated as a black box. Often teams simply haven’t been trained to peel back the solder mask and so they never do.

The perceived impracticality of hardware attacks has been proven to be inaccurate many times. In 2023 the security of an IronKey USB device was bypassed through advanced chip analysis. Researchers demonstrated the insertion of hardware Trojans using tampered FPGA bitstreams in 2019. Every year the small community of hardware security experts attack consumer devices such as TP-Link's Tapo Smart Devices, subjecting them to forensic desoldering and flash memory extraction to reveal sensitive internal data structures.

These aren’t theoretical attacks—they’re practical demonstrations of what motivated adversaries, well-funded actors, or skilled consultants can uncover with time, tools, and a microscope. And they illustrate the immense value of cultivating PCB-level assessment skills inside any serious security team.

Ignoring the hardware layer is no longer a viable stance. It’s time to bring the soldering iron into the security conversation.

Why most Pen Testers walk right past these vulnerabilities

Side-channel leakage, exposed serial lines, poor PCB trace routing, and careless debug features are not hypothetical; they’re issues repeatedly seen in production hardware. Yet they remain almost completely absent from most penetration testing methodologies.

Most red teams lack the tooling or training to even recognise hardware debugging ports, let alone safely interact with them. If this layer is even in scope, the team may spot a suspicious header on a board but have no idea if it’s UART, JTAG, SPI, or just decorative. That is just the beginning: even fewer understand how to trace a net across multiple layers or infer system function from chip placements and passive components. PCB reverse engineering requires skills aligned with electronics engineering, but it’s only about cyber security when you apply a threat actor mindset to what is discovered. The lack of crossover training means missed opportunities.

In recent consumer product tear-downs, like TP-Link’s Tapo smart plugs and bulbs, security researchers used multimeters, microscopes, and logic analysers to trace power rails, identify flash chips, and dump sensitive contents. In other cases, overlooked antennas or power regulation circuits provided entry points for passive collection or power glitching attacks.

Bridging this gap demands cross-disciplinary knowledge: electronics familiarity, precise lab technique, and the same curiosity that drives good pen testing. Without it, attackers will continue to exploit what defenders don’t inspect.

Make 2025 the year hardware gets hacked

Attack surfaces are expanding upwards through abstraction layers such as virtualisation, memory randomisation, and software defined networking. None of these were conceivable when the OSI model was made in the 1970s. It is well understood in the penetration testing community that attacking "the layer below" is often very successful. Modern technology is built on complex combinations of electronic components: the ultimate layer below is the hardware.

Meanwhile, vendor supply chains remain opaque. Many devices arrive with no verifiable provenance of their components, PCB layouts, or embedded protections. Even teams that trust their vendors rarely have tools or expertise to validate what’s been delivered.

Regulators and strategists are catching up. ENISA’s 2025 Space Threat Landscape highlights hardware-level threats including physical compromise of components, side-channel vulnerabilities, and PCB tampering as a systemic concern for satellite and space systems, systems often seen as the gold standard for resilience.

This is not new. ENISA flagged many of these risks back in 2017 in their original Hardware Threat Landscape, laying out the dangers of chip-level backdoors, insecure design practices, and a lack of rigorous hardware assurance. What’s different now is urgency: technology is becoming ubiquitous and transparent to our daily lives, so more attackers are learning how to exploit it, and gradually more regulators are paying attention. The organisations who move first to build hardware awareness into their security programmes will gain a measurable resilience advantage.

Your team can’t afford to ignore the board

As the risks evolve and hardware increasingly comes under threat, security teams need to rethink their assessment capabilities. It's no longer acceptable to view hardware as out of scope or someone else's problem. Your system runs on silicon, so it's in your threat model and they are your risks.

For technical leaders, this means taking a hard look at team maturity in physical-layer security assessments. For testers, this is a chance to level up. If you're comfortable intercepting API calls, probing networks for RCEs, or perhaps analysing binaries, why not follow the signal all the way to the copper? And embedded systems engineers are ideally positioned to bridge this gap: with a little security mindset and exposure to offensive tooling, they can become a formidable force, uncovering real-world, board-level weaknesses before an attacker does.

If you're in security and you've rarely (or never!) picked up a multimeter or soldering iron, now is the time.

Hands-on, not hypothetical: learn to hack the hardware

We're launching a new in-person training: Electronics and PCB Reverse Engineering. This is a hands-on, immersive course designed specifically for security professionals, red teamers, penetration testers, and embedded engineers who want to expand their technical arsenal and gain proficiency in hardware-level attack and analysis techniques.

Over the course of up to five intensive days, participants will gain practical experience with real-world tools and hardware. Core modules include:

  • component and feature identification
  • analysis prioritisation and attack surface mapping
  • use of lab equipment such as multimeters and logic analysers, soldering and rework
  • inter-component communication
  • working with antennas
  • overcoming connectivity challenges, and
  • overcoming defensive PCB design, as well as
  • an introduction to glitching and power analysis.

This course is not just a chance to let your inner nerd out to play; it also gives team leads a chance to build new in-house capability that bridges the traditional blind spot between cyber and physical systems. The beta run takes place in just two weeks' time, 23–27 June 2025, with only two places left and reduced introductory pricing available.

Learn more or register here: yougottahackthat.com/courses/electronics-and-pcb-reverse-engineering

Have you ever peeled back the mask?

There’s a whole layer of security risk quite literally baked into the boards we use every day. The tools are out there. The techniques are known. But the gap remains because teams haven’t had the time, exposure, or training to take a closer look.

So here's the prompt: What’s the strangest or most surprising thing you’ve found on a PCB? Ever uncovered a hidden header? Reverse-engineered a mystery IC?

Drop your war stories, show off your lab bench pics, or tag a colleague who needs to dust off their scope.

And if you think your team could benefit from levelling up their hardware skills, the course is ready. The soldering irons are hot. Let's make hardware a first-class security concern again.

© 2025 UK Cyber Security Council | Registered charity no. 1195030