Deep Dive: 5 threats affecting hardware (Part-5)
Certain firmware responsible for managing discrete hardware components has been getting increasingly complex and is subject to vulnerabilities and exploits. The worst thing is, that in many cases existing threat detection systems are impotent.
To cast some light onto this alarming trend, let's review one by one the top 5 dangerous hardware vulnerabilities that have recently been found in today's PCs. Today we bring you the fifth and last installment:
There were times when each PC motherboard BIOS developer used his own heavily guarded secret recipes. It was close to impossible to analyze the firmware, and rarely a hacker would be capable of finding bugs in those microprograms. As UEFI gained traction, a considerable portion of the source code became common for different platforms, which made life a lot easier for PC vendors and BIOS developers alike, as well as to malware engineers. For instance, the latest UEFI vulnerabilities may be used to overwrite BIOS, regardless of any security measures that might be in place, even if it is a recently marketed hip Windows 8 feature, Secure Boot. It is a vendor-agnostic and deployment-specific issue found in a standard BIOS function.
The majority of the aforementioned threats are still exotic and unbeknownst to the majority of common users, and unlikely to be a frequent case. However, the situation may change very abruptly, and in a very short time we might all be nostalgic about the good old times when hard drive formatting was a fool-proof method of dealing with an infected PC.