When is the last time you updated your PC firmware? What about the firmware on your router?
While most companies understand the importance of keeping their computer operating system and software updated regularly to prevent network security vulnerabilities, firmware is often neglected.
Firmware updates aren’t as “in your face” as other update notices, many times they’re just a small blip in the taskbar that’s easy to miss.
But the lack of proper attention to firmware security isn’t the only reason that you should be making it a priority this year. Firmware has also been under increasingly more attacks and is becoming a common target of hackers and criminal organizations.
In the March 2021 Security Signals study by Microsoft, it was found that in the last four years, there’s been a five-fold increase in firmware attacks. Additionally, 83% of businesses have been hit with a firmware attack in the last two years (and many don’t even realize it.)
What is Firmware?
Firmware is a type of software, but it’s different from the software users work in all day long. Firmware speaks to hardware and tells it how to interact with other hardware components and with the operating system of a device (computer, server, router, etc.).
Firmware runs all types of devices, even your TV remote control. But the firmware that is most under attack right now is that which controls computers and servers.
Some of the things that firmware is responsible for includes:
- How your computer boots.
- How the operating system loads.
- How operating system updates are handled.
- How the computer uses other hardware, like a graphics card.
- What happens when booting in “safe mode”
- Who can access the computer through user credentials
Firmware is now on the radar of online attackers for several reasons.
Why Are Firmware Attacks Growing?
Firmware Offers a Cloak of Invisibility
If you have an anti-malware/antivirus on your computer (which everyone should have), you may think that any malware entering your system at all would be detected. However, that program sits inside the operating system layer of a computer, and it can’t see outside that layer into the firmware.
Ransomware or other malware is difficult to detect when it’s injected into the firmware of a device. Until recently, manufacturers built very little visibility into the firmware layer, so much of what’s happening in that layer is invisible to the user.
This lack of transparency allows hackers to move about unfettered and undetected in the firmware layer much of the time. This enables persistent attacks that can go on for months or years.
Firmware Offers High-Level Device Control
The firmware tells the computer hardware how to function, so breaching this level allows a hacker high-level control to do what they like with a device.
They have the ability to plant backdoors in a system, change aspects of how the operating system is loaded, and even completely take over the device for things like crypto mining.
Hackers can also create or access user credentials, which are often stored in the firmware layer, allowing them total control to change whatever code they like.
Manufacturers & Users Haven’t Properly Secured Firmware
A study of firmware security by IT security company Eclypsium found 95% of devices have at least one firmware vulnerability. Computer manufacturers haven’t always been great about building firmware protections into their devices.
Couple this with the lack of attention to firmware in the typical cybersecurity strategy of a small or mid-sized business, and you end up with a less protected area of a device that offers a lot of potential for hackers.
Tips for Preventing a Breach of Your Device Firmware
Have a Plan for Firmware Updates
It’s important to include firmware updates along with your other software and OS updates. While they might not come along as often, they must be applied as soon as they’re available to ensure your network remains secure.
It’s predicted that 70% of companies without a firmware update strategy will suffer a breach by 2022.
The best way to ensure your firmware is kept updated is through a managed services plan.
Look for Firmware Protection When You Purchase Hardware
Due to the increase in firmware attacks, security at the firmware level is now being addressed by PC and server manufacturers. (Such as Microsoft’s Secured-core PCs).
When you upgrade your devices, you want to look for computers, servers, and other hardware that advertise robust firmware-level or hardware-level security.
Keep Up With Cybersecurity Awareness Training
A vital line of defense against most cyberattacks, including firmware attacks, is to have well-trained employees. You want your staff to be able to identify a phishing email and know how to keep away from malicious websites.
Ongoing cybersecurity awareness training can help prevent a majority of firmware attacks and other types of breaches.
Get Your Firmware Security Assessed Today!
Onsite Techs of Rhode Island can help your business ensure your device firmware is properly updated and protected.
Contact us today to schedule a consultation at 401-773-7766 or book a video call now.
