How likely is it that an enterprise will face a BIOS attack? Is it worth going to all the trouble to secure a network...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
via the new NIST guidelines?
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
BIOS attacks have a long history, but have been greatly eclipsed by more general malware and attacks. The early PC BIOS attacks operated by changing the BIOS passwords in order to change the boot sequence on a PC and gain access to a computer, bypassing the installed operating system. These attacks required physical presence and many future attacks on BIOS will still require physical access.
There are attacks that could be performed remotely on the BIOS for which NIST is trying to prevent or minimize the effect with its BIOS security guidelines. New attacks on the BIOS could be launched by circumventing the security of the operating system. Given the number of different types of BIOS, future BIOS attacks may need to be targeted at specific BIOS iterations as mentioned in the NIST BIOS security guidelines. The next-generation UEFI BIOS has many new features like runtime services meant to enhance the overall computing experience, but these features could be used to attack the computer if they are not sufficiently secured. These BIOS attacks might be more difficult to recover from too, since the standard advice of reformatting the hard drive and reinstalling may not completely clean the system.
Securing BIOS is worth the trouble it takes to be included in general hardware drivers and software update programs. Enterprises should purchase hardware with BIOS versions that were developed using the NIST guidelines and then securely configure the BIOS. To accomplish this, a password should be set on the BIOS for making any changes, and the boot process should be set to a specific setting required by the system. A good example of a safe boot would be allowing a system to boot off of the internal hard drive. If your BIOS supports configuration changes while booted to the operating system, you could make these changes a part of a standard image. By using these settings, a securely configured computer, and installing signed BIOS updates when available as a part of a standard patch management cycle, the risk of future attacks to BIOS and their systems should be minimized.
Dig Deeper on Penetration testing, ethical hacking and vulnerability assessments
Related Q&A from Nick Lewis
When NSA cyberweapons went public, attackers bundled them into the EternalRocks malware. Nick Lewis takes a closer look at this new threat and ...continue reading
A Google Docs phishing attack used OAuth tokens to affect more than a million Gmail users. Nick Lewis explains how it happened, and how to defend ...continue reading
A vulnerability in Microsoft's Windows Defender antivirus tool left users open to remote code exploitation. Expert Nick Lewis explains how it ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.