HPE Community
Alliances
1823136 Members
3438 Online
109647 Solutions
New Article ๎ฅ‚
 
Subscribe to RSS Feed
|
MassimilianoG

Firmware security: How legacy firmware leaves customers open to cyberattack

โ€Ž02-15-2022 08:51 AM

While most organizations understand the need for prompt software updates in order to maintain cybersecurity, firmware updates are often overlooked. This may be because they are seen as more complex, time-consuming, and risky than software updates, which tend to be fairly routine and automated. However, because firmware is the interface between the hardware and the operating system, it can offer a gateway for destructive malware running in a privileged execution domain.

 HPE20170126014_800_0_72_RGB.jpg

 

Cybercriminals have taken note of this vulnerability, leading to a recent rise in cyberattacks targeting firmware. In fact, according to a recent Microsoft survey, 80% of enterprises have experienced at least one firmware attack in the past two years, but only 29% of security budgets are dedicated to firmware security.1

 

HPE recommends the following steps to enhance firmware security:

  • Inventory and assess what equipment might contain embedded firmware and be open to the Internet. A large organization could have tens of thousands of pieces of firmware.
  • Rank the threat level from 0-10 and find a way to secure anything with a score of 7 or higher. This may mean patching the firmware or segmenting and shielding it using a zero-trust model.
  • Invest in equipment built to protect firmware. For example, HPE is building infrastructure trust services into its servers. Our silicon root of trust authenticates the firmware before a server boots an OS and can be set to check firmware validity every 24 hours. In addition, HPE Integrated Lights Out (iLO) works with silicon root of trust to continuously ensure files remain in good working order while tracking any changes that could suggest an attack is underway. If that is the case, iLO immediately isolates the malware and restores the infrastructure to its last known good state.
  • Follow industry standards. HPE also recommends looking for equipment that follows two relevant industry standards:
    • NIST SP 800-147B describes secure BIOS and firmware update procedures and policies and specifies the use of a hardware root of trust.
    • NIST SP 800-193 defines a protect, detect, and recover scheme for critical firmware.

 

In short, organizations need to consider firmware security as part of their evaluation and procurement processes when purchasing new servers and other hardware.

 

To learn more, visit:

 

1Threat Post, โ€œ80% of Global Enterprises Report Firmware Cyberattacks,โ€ April 2021.

Massimiliano Galeazzi
Labels:
0 Kudos
About the Author

MassimilianoG

Digital Marketing Lead at HPE Alliances. Managing Coffee Coaching, the HPE-Microsoft reseller community with all the news about SMB.

Top Kudoed Authors Last 30 Days
Author
Kudos
mhardi01 Avatar
mhardi01
2
View all
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.