One type of cyberattack that’s caught many businesses off guard targets device firmware. Firmware attacks are often left undiscovered because there’s historically been a lack of transparency between the operating system (OS) and the software that tells hardware how to operate.
Firmware is a very specific type of software that lives outside the OS layer. It’s essentially the operating instruction manual for the device, telling it things such as how to boot, how to load the operating system, which users have credentials to log in, and more. A March 2021 Microsoft Security Signals report has found that there’s been an alarming rise in firmware attacks over the last few years. Two of the troubling statistics are:
- In the last 4 years, the number of firmware attacks has risen by 5 times.
- 83% of all businesses have had a firmware attack in the last 2 years.
- Only 29% of IT security budgets on average address firmware protection.
Firmware attacks can have devastating consequences. Because the firmware has complete control over a device, a breach can give a hacker control over a computer or server. It can also allow them to insert backdoors into a system that allows them access anytime. Malware, like ransomware, can also be released at the firmware layer, and it’s much more difficult to remove when it’s in the firmware rather than the operating system. A system can also be used for crypto mining when the firmware is breached. If your business hasn’t specifically addressed firmware security in your IT security plan, then you could be at risk for a persistent breach.
Why Have Firmware Attacks Become So Popular?
As security in one area is strengthened, hackers go after other areas of a technology infrastructure that may have been neglected, and firmware is one of these. Here are some of the reasons these attacks have been on the rise and become such a popular target.
There’s Been a Lack of Attention to Firmware Security
Hardware manufacturers haven’t focused on firmware security until recently (due to the rise in attacks). It’s been one of the least protected areas of a computer and one that users haven’t had much visibility into. For example, a standard antivirus/anti-malware software can’t detect intrusions at the firmware layer because it’s at a level outside the operating system. Users also haven’t paid a lot of attention to firmware security, not really understanding what this layer is, thus it’s been easier for hackers to penetrate.
Attackers Can Hide Their Activities
The lack of transparency into the firmware layer provides an attractive cloak of secrecy to cyber attackers. They can often breach the firmware layer unnoticed and then continue using a backdoor for months unnoticed. Unfortunately, this lack of ability to see into the firmware layer has been a function built into systems, in part, so users wouldn’t change anything important in the firmware code accidentally.
Firmware Provides High-Level Privileges
Many systems store user credentials in the firmware, making it an area hackers want to breach so they can both steal user credentials and create their own with high-level system privileges. Once the firmware layer is breached, a hacker can set themselves up for full control of a system, with the ability to run any program they like and even impact how the operating system loads.
What Can You Do To Protect Your Small Business Device Firmware?
Keep Firmware Updated
It’s important to keep firmware updated so you can be sure all recent security patches have been installed. Firmware updates aren’t as visible as those for an operating system or software, so many users never install them. Hackers often go after flaws in systems that haven’t been updated, so if you have any PCs or servers at your small business that haven’t had all updates done, you’re at risk. One of the best ways to ensure firmware and other areas of your devices are properly updated is to have updates handled through managed IT services. It’s estimated that 70% of organisations that don’t have a firmware upgrade plan will be breached by 2022.
Choose Devices With Firmware Protection When Upgrading
Companies like Microsoft and HP have begun coming out with computers and servers that have additional firmware security built-in. This is in response to the sharp rise in firmware attacks. For example, Microsoft’s line of firmware-protected PCs is called Secured-core, and they include more visibility and zero-trust security safeguards.
Conduct Ongoing Cybersecurity Awareness Training
Firmware attacks happen in the same way that attacks on the operating system and software happen, which is largely through phishing emails. It’s important to keep employees trained on IT security best practices, which include the ability to identify and avoid falling victim to phishing. Training should be ongoing, not just once per year, so employees can keep their skills sharp and keep device and data security at the top of their minds daily.
How Vulnerable Is Your Small Business Due to Lack of Firmware Security?
Managed IT Asia can help your Singapore business implement safeguards to ensure you’re not at risk due to a firmware attack. Contact us today to schedule your free consultation. Call +65 6748 8776 or reach us online.
MANAGED IT ASIA, we are an IT Support, IT Solutioning and Managed IT Service Provider specializing in serving Small Businesses across Asia. Call us at +65 6748 8776 and let us manage your Small Business IT today!