Sure but what changed between the time the equipment was purchased and installed and now? It’s not like the idea of malicious hardware is new. There was probably specific information about a credible or actual threat.