Firmware attacks targeting enterprises are up over the past two years. However, most victims are too preoccupied with patches and upgrades to invest resources into preventing them.
The numbers come from Microsoft's new "Security Signals" report, conducted by Hypothesis Group, which polled 1,000 decision-makers involved with security and threat protection at enterprise companies. Of these, 83% had been hit with a firmware attack in the past two years.
Firmware has become a hot target for cybercrime in recent years as software security has improved. The TrickBot malware last year added a module to inspect devices for firmware vulnerabilities that could enable attackers to read, write, or erase the UEFI/BIOS firmware. Last October, a rare firmware rootkit was detected targeting diplomats and nongovernmental organizations. Russian advanced persistent threat group Sednit deployed the first firmware-level rootkit seen in the wild back in September 2018.
The trend is poised to increase, says David Weston, partner director of Enterprise and operating system security at Microsoft. "We see the trend growing linearly. … Every year we're seeing more and more CVEs determined in firmware," he says. In the last 18 months alone, Microsoft has seen at least three different nation-state actors exploiting firmware vulnerabilities, he adds.
"That's a huge uptick from the previous 18 months, where I don't think we saw more than one," says Weston, noting this is "a substantial incr ..
Support the originator by clicking the read the rest link below.
