Founder & CEO at Dynamix Solutions
Security experts have noticed a disturbing trend happening that exploits weakness users may not even be able to see. We discussed this type of attack briefly in our article about top cybersecurity threats your business needs to watch out for, and we’ll go into this a bit deeper in this article.
We’re talking about the increase in firmware attacks, which are attacks that target the code that tells the hardware what to do. Over the last 2 years, 83% of businesses have experienced a firmware attack.
Unfortunately, firmware isn’t always front and center when it comes to network security planning. Companies are usually focused on things like device security, network security, and data security, but not specifically on firmware.
According to Garner, 70% of organizations that don’t have a firmware upgrade plan will be breached by 2022.
Why has firmware become such a rich target?
There are multiple reasons, all of which point to a need for companies to prioritize hardware protection.
Following are the key reasons that firmware attacks have skyrocketed (increasing five-fold in the last four years). It’s important to understand these reasons, so you can plan an effective protection strategy.
Firmware Offers Ultimate Device Control
The firmware, which is software used to tell devices how to behave, sits outside the operating system layer of a computer or other device.
The firmware needs to sit outside this layer because it is the code that gives instructions to a computer on how to load the operating system, which users can log in and access system settings, how to interact with other hardware, and more.
Because firmware has such as high-level job when it comes to computers, servers, routers, etc., if it’s hacked, it ultimately can give a hacker complete control over a device.
Firmware is Often “Invisible” to the User
Computer manufacturers don’t necessarily want users editing the firmware. Otherwise, they could end up rendering their computer unusable because a critical instruction was changed or deleted.
User interaction with firmware has mainly been kept to the ability to apply a new update, which means that if the firmware is hacked, users often don’t know.
Standard antivirus/anti-malware can’t see in the firmware layer. This invisibility makes firmware hacks particularly attractive to criminals because they can often go undetected for months or longer and continue compromising a device with persistent attacks.
Users Often Don’t Realize They Need to Update Firmware
When was the last time you updated your router firmware or PC firmware? Many users neglect firmware updates because they are not as noticeable as software and operating system updates.
When the firmware isn’t updated, it leaves vulnerabilities unpatched that attackers can exploit to gain access to a system.
Firmware Attacks Provide Hackers With Multiple Opportunities
If a hacker can breach the firmware level of a computer or server, they have multiple opportunities for the type of attack they want to carry out. They’re not limited by the barriers they may face from an operating system breach.
Some of the many types of attacks that hackers can undertake when they compromise the firmware include:
- Changing how the OS applies security patches
- Changing what comes up during OS boot
- Releasing ransomware or another type of malware
- Putting in a backdoor for ongoing attacks
- Using the device’s processor for crypto mining
- Adding another user with high-level permissions
- Stealing all data on the device
- Stealing user passwords
- And more
Device Manufacturers Haven’t Historically Provided Enough Firmware Security
There has been a lack of attention to firmware security by device manufacturers (though this is finally changing). This has left users with firmware vulnerabilities with new computers, they didn’t know where there because they never thought to ask.
A report by Wired on computer research for hardware security found that there were incursion vulnerabilities detected in 80% of the computers examined (which included major brands like Dell and HP).
Tips for Preventing Firmware Breaches
Look for Devices with Firmware/Hardware Security Built-in
Companies like Microsoft and HP are now paying more attention to firmware security at the manufacturing level and bringing out PCs with more transparency into the firmware layer and more protection.
Look for these types of devices when purchasing new hardware. Examples are Microsoft Secured-core PCs and HP Sure Start.
Have a Strategy for Firmware Updates
Make sure you have a strategy for regularly checking for and applying firmware updates across all your company devices. This includes computers, servers, routers, printers, and IoT devices.
The easiest way to ensure all your updates are being handled in a timely manner is by using managed IT services.
Conduct Regular Employee Security Awareness Training
Firmware breaches happen the same way that other breaches do. They usually start with a phishing email that is clicked by an unsuspecting user and which then releases malware in a system.
Keeping employees trained on security awareness and best practices can significantly reduce your risk of a firmware compromise and other attacks.
Have Your Firmware Checked for Vulnerabilities
Dynamix Solutions can help your Toronto or Calgary business with a full scan of your system vulnerabilities and let you know where you stand on firmware protection.
Contact us today to schedule a consultation about managed IT services in Calgary! Call Toll Free: 1 (855) 405-1087 or reach out online.