How to identify and prevent firmware vulnerabilities

Introduction

As creators of computer software begin to take security vulnerabilities more seriously, hackers are increasingly targeting the lower ends of the computer stack in hopes of stealing identities, privileges, and systems. One easy target? Firmware. 

Companies are not taking firmware security as seriously as they should, especially when it comes to the UEFI or Unified Extensible Firmware Interface (often still referred to as “BIOS”) on computers. As such, cybercriminals are finding it easy to capitalize on firmware vulnerabilities in PCs, including those from big brands like HP and Dell.

The oversight is becoming a critical liability both in terms of realized threats and potential risks. According to a report by Eclypsium, 2019 set a new record for firmware vulnerabilities, with a 43% increase over 2018. The total number of vulnerabilities was 7.5 times more than what was reported in 2016. Vulnerabilities can also be present in virtually any component of a device that requires a firmware update, such as a memory card, network adapter and so on.

Fortunately, there are ways to identify and prevent firmware vulnerabilities, and they all start with gaining an understanding of what exactly firmware is. 

What is firmware?

Firmware is the basic software that’s embedded in a piece of hardware and controls its basic functionality. You can consider it to be software for hardware. 

However, firmware isn’t an interchangeable term for standard computer software. Virtually any hardware that uses software to operate, from smart sensors and routers to medical devices and industrial machines, has firmware that controls its functions and intelligence.

There are several types of firmware in existence, with BIOS (Basic Input/Output System) being the most popular. In the past few years, however, the UEFI standards have become commonplace. Hardware manufacturers who’ve transitioned to UEFI are driving the (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Dan Virgillito. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/jeZCIjhOkSI/