acm-header
Sign In

Communications of the ACM

ACM News

Firmware Attacks Are on the Rise and You Aren't Worrying About Them Enough


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Envisioning better security for firmware.

More than three-quarters of enterprises have experienced one firmware attack during the past two years, but less than a third of security budgets are dedicated to protecting firmware, according to Microsoft's inaugural Security Signals report for March 2021.

Credit: thesslstore.com

Microsoft's inaugural Security Signals report for March 2021 shows that 80% of enterprises have experienced one firmware attack during the past two years, but less than a third of security budgets are dedicated to protecting firmware. 

Firmware attacks are tricky to deal with. State-sponsored hacking group APT28, or Fancy Bear, was caught in 2018 using a Unified Extensible Firmware Interface (UEFI) rootkit to target Windows PCs. There have also been attacks that rely on hardware drivers, such as RobbinHood, Uburos, Derusbi, Sauron and GrayFish, as well as ThunderSpy, a theoretical attack aimed at Thunderbolt ports.

From ZDNet
View Full Article

 


 

No entries found