AI Insights
Showing results for 
Search instead for 
Did you mean: 

Protecting Your IT Infrastructure Across the Silicon Supply Chain


Read about today’s IT infrastructure cybersecurity threats and learn about the precautions HPE has taken to ensure the security of your digital assets.

Blog_Supply_Chain_IT_Infrastruture.jpgIn the ongoing battle against cybercriminals, your IT team needs to start thinking today about protecting the servers you plan to deploy in the future. And, the server firmware is an area companies need to be concerned with, as hackers move down from the data plane and into the control plane.  .

Unbeknown to you, hackers could be implanting compromised code or a virus in the firmware during production or distribution of a white box server. That bug hidden in the server firmware allows the hacker  to breach digital assets once the server is deployed at a customer site—like a Trojan horse. Many of today’s IT security solutions focus on protecting the operating system and applications.  But, as the security gets stronger with new OS protections and application scanners, hackers are migrating to attack server firmware.  Hackers realize that by the time servers are deployed in a data center, breaching the firmware security becomes more difficult. That’s why they now target vendors along the component supply chain—probing for a weak link that’s vulnerable to an attack.

Drawing attention from sophisticated cybercriminals

Modifying firmware and implanting compromised code is a difficult task, so it’s generally done by the  most sophisticated cybercriminals. When they succeed, their high-level hacking expertise allows them to take over an infiltrated server and operate unknown for months or even years. In one extreme case, attackers hid for 14 years within an NSA system before being discovered.

Firmware attacks are particularly insidious because they involve changing data that users don’t generally interact with by going beyond the file system. The attacks target the BIOS, the firmware interface, and even physical chips. The corrupt data can even persist inside these sections of a server after an operating system is reinstalled and disks are wiped.

This type of attack is a chief concern, given the amount of hardware that many server manufacturers import from outside their own country. If a cybercriminal gains access to a factory, distribution hub, resell outlet, or anytime during shipping, they can install  long before the server enters the end user’s data center.

Unprecedented levels of protection, detection, and recovery

With this development in the world of cybercriminal activity, it’s no longer adequate to limit infrastructure security to firewalls. To defend against firmware attacks, your server infrastructure needs to be your strongest defense, armed with the latest innovations.

HPE Gen10 servers are helping businesses take on the challenge by blunting the impact of firmware attacks. This enables you to achieve sufficient data protection and data retention capabilities in order to run your business without the risk of data compromise—or having to pay criminal hackers that implant ransomware.

Based on four key elements, HPE Gen10 servers offer unprecedented levels of protection, detection, and recovery with the world’s most secure industry-standard servers:

  1. Long before you order and deploy any of our servers, we design our own custom silicon chipset for the server firmware. The firmware is anchored into the bedrock of the silicon as far back in the production process as possible. That makes our servers secure all the way through the supply chain and ensures the integrity of the firmware.
  2. After deployment in your data center, servers continuously monitor the firmware for any compromised code and alert you immediately; it no longer takes a long time to determine if malware is present.
  3. If a compromise occurs, the servers restore the firmware back to its original state.
  4. HPE Gen10 servers also utilize the newest Commercial National Security Algorithm (CNSA)—the highest level of security encryption protection. HPE is the first server manufacturer to adhere to this standard.

Stay ahead of the threats by taking advantage of new technologies

To find out more about the precautions HPE has taken to ensure the security of your digital assets—by protecting the silicon across the entire server supply chain—we invite you to watch the video Introducing the World’s Most Secure Industry Standard Servers. And to learn about the IT network security threat landscape and how attacks on firmware are becoming more sophisticated, check out the Moor Insights white paper, HPE Locks Down Server Security.

I don’t know of any other players in the server space that offer such a tightly integrated, end-to-end solution.

Featured article in

Understanding today’s security concerns is key as emerging technologies open many new business opportunities and also introduce new risks to server hardware. To help stay ahead of the threats through our unique server firmware protection, detection, and recovery capabilities, visit our website.

0 Kudos
About the Author


Bob leads the partner software organization for the server division. His team is also responsible for productizing the new HPE security technologies and delivering a comprehensive approach to security across all solutions.