Threat of firmware attacks is a growing concern for business
New research from HP Wolf Security finds that 80 percent of IT leaders are concerned about their capacity to respond to firmware attacks.
The study shows that 67 percent of IT leaders say protecting against, detecting, and recovering from firmware attacks has become more difficult and time-consuming due to the increase in home working, with 64 percent saying the same of analyzing the security of firmware configuration.
With a rise in destructive attacks targeting the firmware layer, and attackers willingness to invest in the capability to disrupt endpoints, firmware security is set to become a key battleground over the next decade.
With the switch to hybrid and remote working, 83 percent of IT leaders say firmware attacks against laptops and PCs now pose a significant threat, while 76 percent of IT decision makers say firmware attacks against printers pose a significant threat.
Dr. Ian Pratt, global head of security for personal systems at HP says:
Firmware attacks are very disruptive and much harder to detect or remediate than your typical malware -- often requiring expert and even manual intervention to fix. This increases the cost and complexity of remediation considerably, particularly in hybrid environments where devices are not on site for IT teams to access. Having more endpoints sitting outside of the protection of the corporate network also reduces visibility and increases exposure to attacks coming in via unsecured networks.
At the same time, we are seeing a rise in destructive attacks -- such as wiper malware. Last year, our research team saw attackers conducting reconnaissance on firmware configurations, with the likely intent of exploiting unsecured configurations to weaponize for financial gain. Once an attacker has gained control over the firmware configuration, they can exploit their position to gain persistence and hide from anti-malware solutions that live in the Operating System (OS). This gives them an advantage, allowing them to stealthily maintain persistence on target devices, so they can gain access to infrastructure across the enterprise and maximize their impact.
Shadow IT doesn't help with the problem either as employees are purchasing and connecting devices outside of IT's view while working remotely. HP Wolf Security's Out of Mind and Out of Sight report last year found that 68 percent of office workers that purchased devices to support remote work say security wasn't a major consideration in their purchasing decision. Furthermore, 43 percent didn't have their new laptop or PC checked or installed by IT or security.
You can find out more on the HP site.