Potentially the best way to gain completely undetectable, persistent access to a PC for years is with a chip implant. MITRE ATT&CK refers to this as Hardware Additions (T1200). The only way to guarantee there are no chip implants is regular physical visual inspection, comparing a PC's motherboard, components, and wires against manufacturers’ verified design drawings. Multiple solutions, including PicoDMA, have been released to demonstrate the implant possibility and risk.
The most famous case is the much-refuted and much-debated Super Micro supply chain chip implant case. Whether it was real or not, the possibility is enough to make it a serious concern.
PC manufacturers have built chassis intrusion detection switches into the PC chassis; however, the feature is rarely enabled and used. Furthermore, it is not available on all PC models (for example, two of the largest PC OEMs have chassis intrusion detection on desktops but not laptops).
All it would take for an adversary to implant a chip is bribing (and there are many documented bribery cases) an IT admin, consultant, contractor with after-hours access to your facility, employee, etc. to gain access to a PC and implant a chip on any one of the PCs or servers in your environment. And of course there is the risk of malicious insiders and disgruntled employees.
This area of concern is not limited to chip implants. It also includes components being swapped out for ones carrying malicious code, and direct physical reflashing of a component's firmware with additional malicious firmware code.
The Cigent Security Chip on the Everest drive is the only way to consistently and reasonably address these concerns. The chip has multiple sensors to detect attacks on data and protect that data:
Threat detection and data protection are built into the drive itself and require no operating system software. The drive runs independently to detect threats coming from chip implants or components on the system. When a threat is detected, the drive completely cuts off access to the protected data from all components. Access to the data and the ability to clear threats are enabled through special software from Cigent.