Threat actors may target software defined radios due to their software nature to establish C2 channels. Since SDRs are programmable, when combined with supply chain or development environment attacks, SDRs provide a pathway to setup covert C2 channels for a threat actor.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.