What you need to know about firmware attacks

Recent alerts suggest hackers may be taking a closer look at your hardware's firmware. Here's how to defend yourself

Page 2 of 2

Already, today, Microsoft's BitLocker with the TPM (Trusted Platform Module) chip enabled, and other drive encryption programs that check the integrity of firmware, can prevent or alert the user to unexpected BIOS modifications. But these protections aren't as good as UEFI 2.3.1 defenses.

The latest versions of most popular open source operating systems also have UEFI 2.3.1 support, but you'll have to make sure your open source OS supports it and that it is enabled on both the hardware and software -- not an easy task. I haven't been able to find information on Apple's plans to support UEFI 2.3.1, but if anyone knows, please post that information in the comments to this story.

Stopgap measures
The bigger question is what should you do about current, pre-UEFI 2.3.1, hardware?

Upgrade all firmware versions to the latest versions possible, even if that upgrade isn't NIST-compliant or UEFI 2.3.1. Like all software upgrades, the most recent firmware versions contain bug fixes and often contain protections against unwarranted modification. Check with your firmware vendors to see what protections are offered. If few or none, remember: Sometimes pressuring your firmware vendor to get with the program actually works.

All this also means you should update your regular patching cycles to cover firmware updates. That's always been a best practice worth following, but I've only seen a few enterprises make that commitment.

Lastly, remember, it's not just the BIOS. Anything with firmware is subject to increased risk over time. For example, HP announced a while back that remote printer control characters could be used to control or corrupt many common HP printers' firmware. I don't think there's a computer or device with firmware (including routers, switches, firewalls, and so on) that's invulnerable to firmware attack, so best to start thinking about and protecting every device that contains firmware.

What's the likelihood your devices will be attacked by firmware malware? Who knows? But if it happens, at least you can tell your boss you knew about the threat and had preparations in place.

This story, "What you need to know about firmware attacks," was originally published at InfoWorld.com. Keep up on the latest developments in network security and read more of Roger Grimes' Security Adviser blog at InfoWorld.com. For the latest business technology news, follow InfoWorld.com on Twitter.

| 1 2 Page 2
Cybersecurity market research: Top 15 statistics for 2017