Leveraging Hardware RoT to Secure Firmware against Ambitious Threat Actors

Attackers are becoming smarter and more sophisticated in their efforts to avoid discovery. Bad actors are attempting to breach systems lower in the stack, at the firmware level, while IT security and visibility efforts remain mostly focused higher up, at the application layer.

Once inside the firmware, attackers can disable remote firmware updates, making the compromise impossible to fix remotely. Recovery then requires a technician with physical access to the hardware, which often means a complete shutdown and an on-site visit, and which can be quite costly across large-scale deployments. Because of this, repairing zero-day vulnerabilities in firmware or hardware can be time-consuming, leaving the system exposed for longer than a software breach would. These factors have resulted in an increase in the frequency of firmware attacks by both state-sponsored actors and smaller, less well-resourced but nonetheless dangerous private groups.

According to survey data from Microsoft’s March 2021 Security Signals report, 83 percent of enterprise IT decision-makers had experienced a firmware attack in the last two years, yet only 29 percent of the average security budget is dedicated to firmware protection.

Safeguarding firmware against ever more ambitious and innovative attackers requires a Root of Trust (RoT): an entity against which every stage of the stack can be checked, from hardware boot to firmware load, OS runtime, and finally the running applications. A computational component can only be trustworthy in this sense if it is immutable, which rules out any purely software solution. A hardware solution is therefore required. In a standalone implementation, this frequently means keeping cryptographic keys linked to the device owner who provisioned them in the system’s silicon rather than in its software.

Newer solutions go a step further by moving the RoT entirely onto a separate security processing unit (SPU) chip, allowing remote attestation not just of the motherboard but of any peripheral device connected to the system.
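The stage-by-stage verification and remote attestation described above, as an added example that is not code from the original article: a toy boot chain in Python in which the immutable root holds the device owner's keys, refuses to run any stage whose signature does not verify, and produces a nonce-bound quote of its measurement register for a remote verifier to check. HMAC with constructed keys stands in for the asymmetric signatures real silicon would use, and the stage images are constructed stand-ins for real binaries.

```python
"""Toy verified-boot chain anchored in an immutable hardware root of trust."""
import hashlib
import hmac

BOOT_ORDER = ["firmware", "bootloader", "os", "app"]

# Constructed stand-ins for the real stage binaries.
IMAGES = {"firmware": b"fw-v1", "bootloader": b"bl-v1", "os": b"kernel-v1", "app": b"app-v1"}

# What the device owner provisioned into silicon: a key to check stage signatures
# and a device-unique attestation key. HMAC stands in for asymmetric signatures
# (real silicon would hold only the owner's public key). Both keys are constructed.
OWNER_KEY = b"constructed-owner-signing-key"
ATTEST_KEY = b"constructed-device-unique-key"


def digest(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def sign_image(stage: str, image: bytes, key: bytes = OWNER_KEY) -> bytes:
    """Owner-side: produce the signature shipped alongside each stage image."""
    return hmac.new(key, stage.encode() + digest(image), hashlib.sha256).digest()


def boot(images: dict, signatures: dict) -> dict:
    """RoT-side: verify every stage before it runs and extend a PCR-like register,
    so the final value reflects the exact sequence of images allowed to execute."""
    pcr = bytes(32)
    for stage in BOOT_ORDER:
        expected = sign_image(stage, images[stage])
        if not hmac.compare_digest(expected, signatures.get(stage, b"")):
            return {"booted": False, "halted_at": stage, "pcr": pcr}
        pcr = digest(pcr + digest(images[stage]))
    return {"booted": True, "halted_at": None, "pcr": pcr}


def attest(pcr: bytes, nonce: bytes) -> bytes:
    """RoT signs its measurement register together with a verifier-supplied nonce."""
    return hmac.new(ATTEST_KEY, pcr + nonce, hashlib.sha256).digest()


def remote_verify(quote: bytes, pcr: bytes, nonce: bytes, known_good: dict) -> bool:
    """Verifier-side: the quote must be genuine and the PCR must equal the chain
    the verifier recomputes from the images it has approved."""
    expected = bytes(32)
    for stage in BOOT_ORDER:
        expected = digest(expected + digest(known_good[stage]))
    return (hmac.compare_digest(attest(pcr, nonce), quote)
            and hmac.compare_digest(expected, pcr))
```

Because the silicon holds the owner's key rather than per-image digests, a legitimately re-signed update boots without any hardware change, while the verifier still notices that the measured chain has moved.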

The problem with building an RoT into a system’s hardware or onto a separate security processor is that, by design, they are difficult to access or alter. This makes them comparatively more secure against bad actors, but it also limits their flexibility when new vulnerabilities are discovered or new functions are required.

FPGAs (field-programmable gate arrays) can help here. An FPGA is a semiconductor device, separate from the CPU, that can be configured after manufacture, allowing designers to change how components of their larger system are built without incurring significant cost or delay.

Overall, CIOs, CISOs, and IT decision-makers need to understand that their systems are extremely vulnerable, particularly at the firmware level. What is needed is a hardware root of trust that can authenticate and authorize any change to any layer of the stack while remaining flexible enough to respond to new vulnerabilities and support security applications. Firmware attacks will only become more common as attackers grow more ambitious, making it critical to act sooner rather than later.