Are you ready for Cyber Attacks? Secure your Critical Infrastructure Foundation today.

Oct 4, 2022 | FIRMly Secure, Tech Blog

Sing-Lu Byers

Sing-Lu Byers

Senior Product Manager, HRoT

The Need for Firmware Security

Firmware security is critical to protecting our computer systems and other sensitive information. Unfortunately, hackers have increasingly targeted firmware to gain access to these systems. The US government has responded by issuing a joint report outlining the importance of securing firmware against potential attacks.

The report notes that firmware is often overlooked in security, yet it can provide attackers with a foothold into a system if it is not adequately protected. Therefore, the DHS and Department of Commerce recommend ensuring that firmware is kept up-to-date and secure, including signing code with digital signatures and verifying code integrity. Taking these measures will help to protect our critical infrastructure from cyber-attacks.

What Are Firmware Attacks?

Firmware is low-level software that is hard coded into a device’s hardware. It is responsible for essential functions like booting the machine and interacting with peripherals. Because the firmware is integral to a device’s operation, it represents a tempting target for hackers. They can gain complete control over the device if they can find a way to modify or corrupt the firmware.

Firmware attacks are usually carried out by compromising development or distribution systems and then planting malicious code in devices as they are being manufactured. Once the machines are in customers’ hands, the attackers can remotely trigger the malicious code to gain control of the affected devices. This attack is often difficult to detect and even more challenging to recover from, which is why it is a serious threat.

How Tektagon Can Help

Tektagon is AMI’s NIST SP800-193 compliant solution for Hardware Root of Trust (HRoT), which verifies that the server’s firmware has not been tampered with or corrupted. HRoT protects server systems against malicious code injection and unauthorized configuration changes by validating digital signatures on all components before booting up the system.  In addition, it helps to ensure that servers have not been tampered with at any point during manufacturing, shipping, or installation.

Tektagon has now been extended to Platform Root of Trust (PRoT), which builds on HRoT to verify not just individual components but also complete platform configurations. AMI’s Tektagon solution supports Security Protocol and Data Model (SPDM) from DMTF for just such monitoring, initially enabling firmware attestation of Broadcom’s MegaRAID™ 9600 Storage Adapter and 200G NIC family with more configurations coming.

By taking advantage of Tektagon’s PRoT capabilities, you can help protect your servers—and your critical infrastructure—from dangerous firmware attacks.

So what can I do to Protect my Critical Infrastructure?

If you’re responsible for critical infrastructure, then you know that firmware attacks are a serious threat. But what can you do to protect yourself? One important step is to mandate that your infrastructure provider implements a NIST SP 800-193 compliant platform root of trust solution. This will ensure that your server components and configurations have not been tampered with or corrupted. By taking advantage of these capabilities can help keep your critical infrastructure safe from firmware attacks.

Resources:

About AMI

AMI is Firmware Reimagined for modern computing. As a global leader in Dynamic Firmware for security, orchestration and manageability solutions, AMI enables the world’s compute platforms from on-premises to the cloud to the edge. AMI’s industry-leading foundational technology and unwavering customer support have generated lasting partnerships and spurred innovation for some of the most prominent brands in the high-tech industry. AMI is also a critical provider to the Open Compute ecosystem and is a member of numerous industry associations and standards groups, such as the Unified EFI Forum (UEFI), PICMG, National Institute of Standards and Technology (NIST), National Cybersecurity Excellence Partnership (NCEP), and the Trusted Computing Group (TCG).

You May Also Like…