When it comes to the success of a business cybersecurity strategy, the focus is usually on software, passwords, network, and data. For example, you always hear about updates being needed to software and operating systems, but companies often neglect firmware security.
According to a new Security Signals study by Microsoft, firmware attacks are increasing and becoming a problem for company IT security. The study uncovered the fact that firmware attacks are moving faster than the investments that companies are making to prevent them.
80% of American enterprises have been victims of a firmware attack within the last two years. However, 71% of security budgets have zero allocation for firmware protection.
What exactly is firmware and how do you protect it? We’ll go through an explanation and everything you need to know from Microsoft’s study below.
What is Firmware?
Firmware is a class of software that is specifically tied to hardware. It’s the code that helps a device operate and that contains multiple instructions for performing various controls, providing security, interfacing with other hardware and software, and more.
All devices have firmware to run them. This includes everything from your PC’s graphics card to your wireless router. Even the remote control you use to change the channel on the television will include firmware.
Without firmware telling devices what they need to do, they would be basically useless and unable to function.
Firmware is stored in a special type of memory called ROM (read-only memory) that’s outside the operating system layer. Firmware can receive updates from time to time with patches or function updates, just like operating systems or applications do.
Why It’s Vital to Include Firmware Protection in Your Cybersecurity Plan
As a Microsoft Gold Partner, NetCare keeps up to date with all recent news and security announcements in the Microsoft world. This allows us to keep our customers apprised of things that can impact their businesses.
We’ll go through the details on the firmware study from Microsoft below and what you can do to keep your firmware from being a security risk to your organisation.
Increase in Attacks
Because the firmware is often overlooked when it comes to IT security budgets, hackers have found it to be fertile ground for planting malware. The firmware makes such a prime target because it’s used to store vital information such as credentials and encryption keys for a hardware device.
According to the National Institute of Standards and Technology (NIST) in the US, there has been an increase of 5x the number of attacks against firmware over the last four years.
Organisations Are Slow to Realise Firmware Danger
At the same time that data breaches involving firmware attacks are on the rise, many organisations still are focused on their other security areas.
The Security Signals study found that security decision-makers see software as 3x more likely to post a security risk than firmware. This lack of realisation of the threat to firmware has fueled the increase in attacks as hackers take advantage of this less secure device layer.
What Can Hackers Gain by Attacking Firmware?
When hackers go after firmware, it’s like taking the less-traveled path to compromise a system or network. Because it’s monitored less than other paths, hackers can often find fewer barriers.
Here are some of the advantages for hackers when they attack firmware:
- Firmware can often give a hacker the highest possible privilege in a system, which allows malicious code to run without as many internal challenges.
- They can subvert security that’s in place at higher layers in an operating system.
- Because the firmware is outside the operating system, malicious code can often go undetected. This also allows for persistent attacks.
- Being able to compromise the firmware that tells a device how to operate allows a hacker the ability to do irrevocable damage.
How Do Companies Prevent Firmware Attacks on their Devices?
There are several tactics you can deploy to protect firmware. The most important step in prevention is knowing it’s a problem that needs to be addressed.
- Keep Firmware Updated: While software and OS updates are often automated, it’s important to pay attention to firmware updates as well. They often don’t give the same alerts as other updates but are just as important.
- Perform Regular Vulnerability Testing: Every new device you add to your network could bring the potential for a firmware attack. It’s important to perform regular vulnerability testing according to industry-standard tools (CHIPSEC, automated code analysis)
- Look for Devices with Firmware Protection: Microsoft recently announced a new class of devices with firmware protection built-in called Secured-core PCs. These have Zero Trust security measures included in all layers.
Get Help Putting Firmware Protection in Place for Your Devices
NetCare can help your Sydney area business put protections in place to keep your devices secure from firmware attacks and via our on-going standards alignment process ensure they stay cyber-resilient.
Contact us today to learn more. Call (02) 9114 9920 or reach out online.