Last year, the rise in COVID-19 phishing attacks was the big cybersecurity story that companies needed to be aware of. This year, one of the big threat events to be aware of is the skyrocketing attack on device firmware.
In March 2021, a Microsoft Security Signals report came out that noted several disturbing statistics related to these hardware-based attacks.
The report found that firmware is a new “low hanging fruit” target for hackers. Some of the report findings include:
- Over the last four years, firmware attacks have increased by 5 times.
- Over the last two years, 83% of companies have experienced a firmware attack (and many don’t realize it!).
- Only an average of 29% of the IT security budget in most companies is allocated for firmware protection.
What is Firmware?
The firmware on a device acts as the operating instructions for the hardware. It tells the hardware how to interact with the operating system (how to boot it, update it, etc.), what to do with things like graphics cards and memory allocation, and much more.
All devices have firmware telling them what to do, even your television’s remote control. You can imagine how valuable that firmware layer is and how much damage can be done when it’s hacked into.
Firmware lives at a level above the operating system, which gives it even more control. The operating system often can’t see into the firmware layer, which is problematic when trying to identify attacks.
When Did Firmware Security Become a Problem?
According to Security Boulevard, firmware first started showing up on the radar of cyber-attackers around 2013 to 2016, when high-profile firmware-based attacks started happening. In these attacks, the main goal was to plant a backdoor into a system.
In 2018, firmware hacking gained higher notoriety in famous attacks like WannaCry, where malware was coupled with an attack on firmware, specifically the Unified Extensible Firmware Interface (UEFI).
Over the last four years, attacks have more than doubled each year as hackers exploit several vulnerabilities that make firmware a perfect target for their campaigns.
Why Firmware Has Become a #1 Hacking Target
Hackers Can Attack in Secrecy
Manufacturers typically have built an opaque layer between the operating system and a device’s firmware. This is so users couldn’t accidentally cause major problems by editing firmware code that should not be touched.
However, the lack of transparency between firmware and the operating system has made it much easier for hackers to attack unseen. Companies may find out there has been a breach, but can’t trace it back to a source, and thus have a hard time putting in IT security measures to stop the same type of attack from happening again.
Firmware Contains User Access Information
Many devices will store user access credentials and privilege details in the firmware layer. This gives hackers access to user logins and the ability to create new system users with high-level privileges.
Hardware Doesn’t Always Include Firmware Protection
Device manufactures don’t always include the best firmware protection in their devices. And without the ability for a typical antivirus/anti-malware program to see into the firmware layer, it leaves users with few options for defense.
How to Protect Your Device Firmware
Keep Firmware Updated on All Devices
Just like operating system files and software, the firmware needs to be updated regularly. Firmware updates don’t come along as often and aren’t usually as noticeable, so often, vital security patches go unapplied, leaving systems vulnerable to attack.
The best way to ensure all your updates are being done promptly is by using managed IT services. We’ll handle all your updates in a way that doesn’t inconvenience your users and ensure the firmware is fully updated.
Keep Users Trained on Cybersecurity Awareness
One of your best defenses against firmware attacks, malware attacks, ransomware, breaches, and other online threats is a well-trained team.
Just like other types of threats, firmware attacks often originate through phishing emails. If you keep employees well trained on how to spot and avoid phishing scams, you reduce your overall risk of a breach.
Look for PCs & Servers with Firmware Protection
Device manufacturers like Microsoft, HP, and others are beginning to bring out computers and servers with advanced firmware protection built-in. You want to look for this when you’re buying new hardware to ensure you buy a system with strong hardware safeguards.
An example of this is Microsoft’s Secured-core PCs which have a zero-trust security architecture built in to keep firmware more protected.
Is Your Firmware Properly Secured?
Texas I.T. Pros can help your Denton or Wise County business with an IT security review focused on firmware protection to let you know where you stand and where added safeguards may need to be implemented.
Contact us today to learn more! Call 940-239-6500 or reach out online.