Attacks on firmware have been increasing steadily, more than doubling each year over the last four years. It used to be one of those areas of a system that hackers didn’t pay a lot of attention to. However, as more high-profile firmware attacks have happened, it’s become open season on this hardware-specific software. Firmware is the instruction manual for your hardware. It tells a computer things such as how to boot, how to load an operating system, who has system privileges, and more.
It has a lot of power when it comes to device operation and should be part of any strong IT security strategy. The draw for hackers is that firmware sits at a level above the operating system, thus things happening to it, such as malicious code injection, often aren’t seen by your OS or any programs running on your OS. This means a typical anti-malware program isn’t going to be able to detect a breach of your firmware. You’re completely in the dark.
How Bad Is It?
Not only have firmware attacks been increasing at a rapid pace, but approximately 83% of businesses have experienced an attack within the last 24 months. Another factor in the hackers’ favor is that firmware has been low on the priority list when it comes to company IT cybersecurity budgets. Just 29% of the budget on average is allocated to firmware security. There are compounding factors that make it particularly attractive to hackers, which we’ll get into next.
Why Hackers Love a Good Firmware Breach
Firmware is a rich target for hackers for several reasons.
When firmware is breached, a hacker gains valuable control over a device’s operating system. For example, they can tell it to boot without vital security being activated or to avoid applying patches for certain vulnerabilities. Firmware is at the highest level of privilege on a device since it’s the software that tells a device how to operate and execute commands.
Access to User Credentials
Firmware is used to store user credentials, which means a hacker can get a list of passwords that can then allow them to access other systems or cloud accounts. They know that many users will reuse their passwords in multiple places. 54% of users reuse the same password several times.
They’re In Stealth-Mode
Users often can’t tell what’s happening with firmware, because many manufacturers have little transparency from the operating system to it. So, for hackers, this is like going in the back door that no one watches or can even see if they wanted to. Being in steal mode allows hackers to perform persistent attacks, which basically means they can keep a window open into your system and continue various attacks at will without being noticed and kicked out.
Companies Hardly Pay Attention to Firmware
Companies haven’t been keeping firmware on their radar, which is one reason for the significant rise in attacks. It’s often left alone and never updated because updates don’t come as often and don’t always provide noticeable user alerts. Often firmware is just assumed to be the responsibility of the manufacturer, something that’s hard-coded and not touched by the user. But unfortunately, this way of thinking has left many companies vulnerable to a breach.
What You Can Do To Protect Your Device
Know Where Firmware Lives
Before you can protect it from a breach, you need to understand where it is. In other words, you should list out all your company devices that should be checked for firmware updates regularly. Typical devices that use it include:
- Network components
- Security cameras
- Smart locks
- Other IoT devices
Update Your Firmware & Keep It Updated
You may need to go looking for updates to install them. For example, in the case of your router, you need to log into the router security settings to check for and apply firmware updates. It’s important to apply those updates promptly so any security flaws in the firmware can be patched.
Look for Firmware-Level Protection
A good part of the firmware protection is on the shoulders of the device manufacturer, so you want to look for PCs and servers that include specific hardware-level protections. Not all manufacturers are as up-to-date on this, so choose your hardware carefully. You’ll find some manufacturers like HP, Microsoft, and Apple are paying attention to attack rates and coming up with built-in solutions. Some of the devices that are advertised with firmware security include:
How Secure Are Your Devices?
Copperband Technologies can help your southern Kentucky or Middle Tennessee business assess your firmware protection strategy and address any weaknesses. Contact us today to schedule a consultation! Call 931.263.8000 or or email us.