Strengthening firmware security with hardware RoT
2021-10-11 05:30

With IT security and visibility efforts still largely focused higher in the stack at the application layer, bad actors are seeking to breach systems further down the stack at the firmware level.

Once inside the firmware, hackers can disable remote firmware updates, making the compromise impossible to fix remotely. Remediation then requires a technician with physical access to the hardware/firmware, often along with a complete shutdown and an on-site visit that can be quite costly for large-scale deployments.

The National Institute of Standards and Technology's National Vulnerability Database shows that attacks on firmware have risen by 500% since 2018. Survey data from a new Microsoft report show that 83% of enterprise IT decision-makers have had their systems hit with a firmware attack in the last two years, but that only 29% of the average security budget is dedicated to protecting the firmware level.

This is unsustainable: a report from Gartner predicted that "By 2022, 70% of organizations that do not have a firmware upgrade plan in place will be breached due to a firmware vulnerability."

To secure firmware against ever more ambitious and creative attackers, a Root of Trust is necessary as an entity against which to check every layer of the stack, from hardware boot to firmware load and OS runtime, up to the running applications.

This formal specification is important because in addition to protecting against firmware persistency attacks, it also helps firmware developers understand how to develop more secure firmware with fewer vulnerabilities.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/i8q39C-T40w/