Should companies worry more about their firmware cyberattacks?

Should companies worry more about their firmware cyberattacks?
Déposez ici vos recherches ou offres de location/ colocation d'atelier.
Répondre
kafa88
Rang 5
Rang 5
Messages : 158
Enregistré le : sam. 19 déc. 2020 11:18

Should companies worry more about their firmware cyberattacks?

Message par kafa88 » jeu. 8 avr. 2021 07:29

Image


Computer giant Microsoft recently released a report claiming that businesses around the world are ignoring a key issue of cybersecurity: the need to protect computers, servers and other devices from firmware attacks.A survey of 1,000 cybersecurity decision-makers across multiple industries in the UK, US, Germany, Japan and China revealed that 80% of companies experienced at least one firmware attack during this time. Two years ago But only 29% of the security budget is allocated to protect the firmware.However, the new report addresses the latest in critical security vulnerabilities affecting Microsoft's widely used Exchange email system.And the computer giant released an ultra-secure Windows 10 computer last year that it says will prevent its firmware from being tampered with.Is this just an attempt to distract and sell more PCs, or should businesses worry more?


How does a firmware attack work?

Firmware is a type of persistent software code that slotxo controls each hardware component in a PC.Cybercriminals are increasingly designing malware that interferes with firmware on motherboards that tell PCs to start up or with firmware in hardware drivers.This is a covert way to bypass the computer's operating system or any software designed to detect malware because the firmware code resides in the hardware, which is the bottom layer of the operating system.Security experts told the BBC that while IT departments adhere to cybersecurity best practices, such as fixing security holes in software or protecting corporate networks from malicious intrusions, the IT departments are following cybersecurity best practices. Many companies still forget about this firmware.

People don't think about it in terms of patches - it's rarely an update, and when it does, sometimes it destroys things," said Robert Potter, a researcher at the University of California. Cyber ​​Australians explained Mr. Potter has built the Washington Post's Cybersecurity Operations Center and has advised the Australian Government on cybersecurity.Modifying firmware can sometimes be a hassle, so for many companies it becomes a blind spot.Several major firmware attacks have been discovered in the past two years, such as RobbinHood, a ransomware that uses the firmware to gain access to the victim's computer and then encrypts all files until a fee is paid. Bitcoin Ransom This malware held several US city governments hostage in May 2019.

Another example is Thunderspy, an attack that implements the direct memory access (DMA) function that PC hardware components use to talk to.This attack is so cryptic that an attacker can read and copy all the data on a computer without leaving a trace, and this attack is possible even if the hard drive is encrypted, the computer is locked or set to go into auto-lock mode. Sleep follows If a device's firmware is unprotected or if protection can be bypassed, the firmware compromise is both serious and potentially invisible," said Chris Boyd, malware intelligence analyst at security firm Malwarebytes. explain A remote or physical compromise that allows cheat codes to work, can set procedures for data theft, system corruption, spying, and more.


Big organizations beware

The good news is that firmware attacks are less likely to target consumers, but big companies should be wary, according to Gabriel Cirlig, a security researcher at US cybersecurity firm Human (formerly White Ops). )It's a big deal. But fortunately, this only applies to large corporations because you have to target certain types of motherboards and firmware,Usually, cybercriminals tend to attack popular operating systems and software because they only make money when they can infect the largest number of end-users.Firmware attacks are less common and more complex to implement than other types of cyberattacks, but unfortunately the coronavirus outbreak has accelerated the problem.The National Institute of Standards and Technology (NIST), an agency within the United States Department of Commerce, is continually updating the National Vulnerability Database (NVD) with new security flaws.

The database has recorded a fivefold increase in firmware attacks over the past four years.By blocking out the Coronavirus in multiple countries, many employees work from home and connect remotely to their work servers. Each computer and cell phone is an opportunity.Firmware attacks can be complex, Mr Cirlig said, but if an attacker can quietly steal sensitive data from the c-suite's laptop, such as a password, they can use it to infiltrate their network. More companies and steal data Hackers in the country are ***spam*** likely to use such attacks.This is a massive, high-paying operation - not something a small group of cybercriminals can have a manpower to do.

Memfis
Rang 2
Rang 2
Messages : 14
Enregistré le : sam. 13 févr. 2021 14:53

Re: Should companies worry more about their firmware cyberattacks?

Message par Memfis » mar. 13 avr. 2021 11:28

This is certainly very useful information. Especially if we consider this problem from the point of view of crypto gambling as described in one popular article. I advise everyone to read this guide carefully at the link and you will find a very relevant offer for winning bitcoins.

Sawlost
Rang 1
Rang 1
Messages : 6
Enregistré le : ven. 9 avr. 2021 17:44

Re: Should companies worry more about their firmware cyberattacks?

Message par Sawlost » jeu. 29 avr. 2021 10:55

Good day, everybody! Bitcoin and other cryptocurrencies have recently grown in prominence. Many people have begun to purchase it, but not everyone considers the confidentiality and privacy of their records. I can inform you that I suggest using this trustworthy service to deter malicious users from stealing your records.

Répondre
Suivez-nous sur
close
Me connecter

Avec mon compte :

Ou via mon compte kobOne :