What best describes the behavior of adding malware-laden devices to a legitimate shipment?

Adding malware-laden devices to a legitimate shipment is best described as a supply chain compromise. This type of attack occurs when adversaries infiltrate the supply chain, taking advantage of trusted relationships between companies to insert malicious code or devices into otherwise legitimate products.

A supply chain compromise often involves manipulating physical delivery methods, allowing attackers to exploit the trust that businesses and consumers have in their suppliers. By the time the shipment arrives, the malware is already integrated into the system, posing a significant risk as users may unknowingly deploy the compromised devices, leading to data breaches or other security incidents.

This scenario differs fundamentally from other security issues like a malicious insider threat, which typically involves an employee or partner who intentionally abuses their access to confidential information. Network intrusion generally refers to unauthorized access to a network, and phishing scams involve deceptive emails designed to trick recipients into revealing sensitive information. While all are significant threats, the act of inserting malware into legitimate shipments directly pertains to the broader category of supply chain attacks.