BIOS security: Are BIOS attacks worth defending against?

How likely is it that an enterprise will face a BIOS attack? Is it worth going to all the trouble to secure a network via the new NIST guidelines?

    Requires Free Membership to View

Ask the expert!

Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)

BIOS attacks have a long history, but have been greatly eclipsed by more general malware and attacks. The early PC BIOS attacks operated by changing  the BIOS passwords in order to change the boot sequence on a PC and gain access to a computer, bypassing the installed operating system. These attacks required physical presence and many future attacks on BIOS will still require physical access.

There are attacks that could be performed remotely on the BIOS for which NIST is trying to prevent or minimize the effect with its BIOS security guidelines. New attacks on the BIOS could be launched by circumventing the security of the operating system. Given the number of different types of BIOS, future BIOS attacks may need to be targeted at specific BIOS iterations as mentioned in the NIST BIOS security guidelines. The next-generation UEFI BIOS has many new features like runtime services meant to enhance the overall computing experience, but these features could be used to attack the computer if they are not sufficiently secured.  These BIOS attacks might be more difficult to recover from too, since the standard advice of reformatting the hard drive and reinstalling may not completely clean the system.

Securing BIOS is worth the trouble it takes to be included in general hardware drivers and software update programs. Enterprises should purchase hardware with BIOS versions that were developed using the NIST guidelines and then securely configure the BIOS. To accomplish this, a password should be set on the BIOS for making any changes, and the boot process should be set to a specific setting required by the system. A good example of a safe boot would be allowing a system to boot off of the internal hard drive. If your BIOS supports configuration changes while booted to the operating system, you could make these changes a part of a standard image. By using these settings, a securely configured computer, and installing signed BIOS updates when available as a part of a standard patch management cycle, the risk of future attacks to BIOS and their systems should be minimized.

This was first published in April 2012

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: