
Firmware Cyberattack: All you need to know!

 

Firmware can be regarded as the basis of the hardware of a computer. “It is software that is lodged into every piece of hardware on your device. Its main task is to facilitate communication with the software we install on our computer and ensure that the hardware can execute commands accurately”. Some firmware is usually specific to the model of the computer it is installed on, so it can be rewritten, removed, or uninstalled.

How does this happen?

Microsoft published a report in March 2021 named ‘Security Signal report’. In this report, Microsoft surveyed over 1000 organisations around the globe and around 80 percent of the organisations said that they had faced at least one firmware attack in the last two years. 

A firmware weakness gives hackers access to our system without our even knowing about it. The reason is that firmware hacking compromises the system before it has even booted up and gives hackers access to the hardware of the system. Here is how this happens: the attack code used by the hackers gets incorporated into the lower levels of the system, where it affects the system both before and after it has started. Once the malicious code enters our system, it targets parts of the operating system and modifies the firmware. It affects the Basic Input Output System (BIOS) of the system. A firmware attack is all the more dangerous because it can bypass antivirus software and directly attack the core of the system.

The system firmware can be hacked in many ways: through physical devices such as corrupt USBs and infected drives, or remotely, for example over the internet. The main reason for this infiltration is that the firmware is not encrypted and is therefore not able to detect any infiltration, and before we realize it, a large data breach has already happened. While we still don’t know about the firmware attack, it compromises firmware updates and can persist even after the hard drives are formatted or the BIOS is reinstalled.

What are the Threats?

If a firm or an organisation does not have proper firmware security, it faces the same risks as if it had no security against phishing or other threats, such as spying on your work, extracting your data, or even remotely controlling your computer.

The threat becomes even graver, Microsoft explained, because the firmware is the area where sensitive information like credentials and encryption keys are stored in memory. 

How can we secure our devices?

Before we start figuring out what we can do to protect our system, we should know one thing: firmware security is more or less in the hands of hardware manufacturers only. Sadly, this industry is not doing much to protect its products from these attacks, and a lot of work is still required. For example, “at the BlackHat Asia 2017 security conference, researchers from Cylance revealed 2 vulnerabilities in the firmware of Gigabyte BRIX small computing devices, according to a report from Bleeping Computer.” This is only a single example of the many findings being made across the board. The brighter side of these findings is that big organisations are pushing manufacturers to put in place firmware security measures that cyber attacks cannot breach. Some manufacturers, like Dell, are also releasing firmware updates for attack-prone firmware. Some other steps that we can take to protect our system are:

  • Update Firmware: As mentioned above, some companies are releasing updates to secure their firmware. You should therefore keep checking for firmware updates and install the latest version as early as possible to protect your hardware.

  • Don’t plug in Untrusted USBs: A USB can be used to store malware that, when plugged into your system, can cause damage to it. These types of USB are known as Bad USB, and they are very hard to detect. Some organisations have completely banned the use of USBs. You should only use your personal USB or that of a person you trust.

  • Purchase Hardware with Built-in protection against malicious firmware: As discussed, protection depends largely on the manufacturer, so the best we can do is purchase hardware with built-in protection. Some BIOS and hardware companies are also making continuous efforts to update their security in light of firmware attacks.
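
Part of why a Bad USB is hard to spot is that a reprogrammed stick can announce itself to the computer as a keyboard as well as a drive. The added example below (not part of the original article) audits a USB device listing for that mismatch; the listing is constructed, abridged to the lines the check needs, and the allowlist is hypothetical.

```python
import re

# Constructed, abridged sample in the style of the Linux USB device listing
# (/sys/kernel/debug/usb/devices); the IDs and product names are made up.
SAMPLE = """\
P:  Vendor=1111 ProdID=0001 Rev= 1.00
S:  Product=Office Keyboard
I:* If#= 0 Alt= 0 #EPs= 1 Cls=03(HID  ) Sub=01 Prot=01 Driver=usbhid

P:  Vendor=2222 ProdID=0002 Rev= 1.00
S:  Product=Flash Drive
I:* If#= 0 Alt= 0 #EPs= 2 Cls=08(stor.) Sub=06 Prot=50 Driver=usb-storage

P:  Vendor=3333 ProdID=0003 Rev= 1.00
S:  Product=Promo Stick
I:* If#= 0 Alt= 0 #EPs= 2 Cls=08(stor.) Sub=06 Prot=50 Driver=usb-storage
I:* If#= 1 Alt= 0 #EPs= 1 Cls=03(HID  ) Sub=01 Prot=01 Driver=usbhid
"""

APPROVED_KEYBOARDS = {"1111:0001"}  # hypothetical allowlist of issued keyboards

def parse_devices(text):
    """Split the listing into devices with their ID, name and interface classes."""
    devices = []
    for block in re.split(r"\n\s*\n", text.strip()):
        ids = re.search(r"Vendor=([0-9a-f]{4}) ProdID=([0-9a-f]{4})", block)
        if not ids:
            continue
        name = re.search(r"^S:\s+Product=(.*)$", block, re.M)
        ifaces = re.findall(r"^I:.*?Cls=([0-9a-f]{2}).*?Prot=([0-9a-f]{2})", block, re.M)
        devices.append({"id": ":".join(ids.groups()), "ifaces": ifaces,
                        "name": name.group(1).strip() if name else "?"})
    return devices

def audit(devices, approved=APPROVED_KEYBOARDS):
    """Return (id, name, reason) for devices whose interfaces look wrong."""
    findings = []
    for dev in devices:
        classes = {cls for cls, _ in dev["ifaces"]}
        keyboard = ("03", "01") in dev["ifaces"]   # HID class, keyboard protocol
        if keyboard and "08" in classes:           # 08 = mass storage class
            findings.append((dev["id"], dev["name"], "storage device also acts as keyboard"))
        elif keyboard and dev["id"] not in approved:
            findings.append((dev["id"], dev["name"], "keyboard not on allowlist"))
    return findings

if __name__ == "__main__":
    for finding in audit(parse_devices(SAMPLE)):
        print(finding)
```

Class codes 03 (HID) and 08 (mass storage) are the standard USB interface class values; on a real machine the same fields can be read from the full device listing instead of the sample.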

Conclusion

As the research continues, a whole new set of responsibilities has fallen upon the companies that develop firmware. They need to roll out timely updates to protect their users. But as consumers, we should also stay alert to new findings and keep working to keep ourselves safe. It is impossible to know every kind of threat; the least we can do is stay vigilant.

By: Archit Diwakar

(BA LLB, RGNUL, Patiala)

