Be Proactive About Firmware Security!

Be Proactive About Firmware Security!

Tech Blog

Firmware is everywhere; in every system and nearly every technology device we use on a daily basis – clearest example would be computers/laptops. Firmware is also highly vulnerable to malware attacks, where hackers corrupt the firmware to create persistent problems for the firmware despite security managers “fixing” the initial issue. Firmware attacks are so common that people constantly research ways to prevent these kinds of attacks from happening, with Google search results for “firmware hack” and “firmware security” increasing year by year.

Why are firmware attacks so common? Modifying the architecture of the firmware itself is no easy feat; however, malware hackers usually corrupt the firmware by inserting malicious code during the pre-boot process, directly attacking the BIOS/UEFI firmware. Once the firmware is corrupted, despite fixing the problem, the firmware will never go back to an issue-free state again even though it has only been tainted once. The system will experience persistent problems, creating headaches for security mangers.

Firmware attacks have become so common that the National Institute of Standards and Technology (NIST) developed a set of guidelines, NIST Special Publication 800-147, detailing ways to protect BIOS/UEFI firmware from malware threats. The BIOS/UEFI is a central part in a PC’s architecture and with the looming threats of firmware attacks, security managers need to be proactive about creating a secure BIOS firmware security process to shield their systems from malicious modifications.

The key to preventing firmware attacks is to have an established line of defense. So how can security managers prevent malware attacks from happening?

  • Be proactive and emphasize security

    Security managers should always be on the defensive and prioritize active security processes and updates.
  • Pay attention to your firmware

    Regularly check up on the firmware and make sure nothing is out-of-place.
  • Stay up-to-date with the latest BIOS/UEFI firmware updates

    Update the systems to patch potential vulnerabilities, prevent future attacks and diagnose any bugs/issues that could arise.
  • Have an authorization/authentication process

    An authorization process for firmware updates (such as a digital signature verification) will only allow authorized individuals to make changes and apply settings.
  • Report and troubleshoot issues ASAP

    This goes back to the whole, “being proactive” mindset.
  • For those who are using AMI’s BIOS/UEFI firmware, there are many ways to protect your firmware from attacks. AMI is no stranger to the realm of security threats and firmware attacks. As the producer of the leading UEFI BIOS firmware solution, Aptio V®, AMI has put in place various security protocols so customers can prevent unwarranted BIOS updates. Some security protocols/tools include:

  • Release of BIOS firmware updates available to customers
  • An in-house BIOS Security team that will quickly address security concerns/issues while also providing recommendations on security practices
  • Downloadable encryption keys to encrypt sensitive information when sending information to the BIOS Security team
  • Secure signing process using the Signing Server utility that verifies the authenticity of BIOS updates with signature verification
  • NIST SP 800-147 Secure Flash support
  • By following these protocols and using the tools provided by AMI, users can mitigate the risk of malware attacks before it happens.

    So lesson is, always be on the defensive and don’t take firmware security for granted. Anything that has firmware in it is at risk for attack and developing a process to address these risks is beneficial in protecting your systems. Everyone’s system contains a host of important, confidential information and if a hacker gets into all that information, you could be in some deep water. We don’t want hackers to gain access to your sensitive information now do we? So be proactive about your firmware security and keep those hackers at bay.

    About AMI

    AMI is Firmware Reimagined for modern computing. As a global leader in Dynamic Firmware for security, orchestration, and manageability solutions, AMI enables the world’s compute platforms from on-premises to the cloud to the edge. AMI’s industry-leading foundational technology and unwavering customer support have generated lasting partnerships and spurred innovation for some of the most prominent brands in the high-tech industry. 

    You May Also Like…