How likely is it that an enterprise will face a BIOS attack? Is it worth going to all the trouble to secure a network...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
via the new NIST guidelines?
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
BIOS attacks have a long history, but have been greatly eclipsed by more general malware and attacks. The early PC BIOS attacks operated by changing the BIOS passwords in order to change the boot sequence on a PC and gain access to a computer, bypassing the installed operating system. These attacks required physical presence and many future attacks on BIOS will still require physical access.
There are attacks that could be performed remotely on the BIOS for which NIST is trying to prevent or minimize the effect with its BIOS security guidelines. New attacks on the BIOS could be launched by circumventing the security of the operating system. Given the number of different types of BIOS, future BIOS attacks may need to be targeted at specific BIOS iterations as mentioned in the NIST BIOS security guidelines. The next-generation UEFI BIOS has many new features like runtime services meant to enhance the overall computing experience, but these features could be used to attack the computer if they are not sufficiently secured. These BIOS attacks might be more difficult to recover from too, since the standard advice of reformatting the hard drive and reinstalling may not completely clean the system.
Securing BIOS is worth the trouble it takes to be included in general hardware drivers and software update programs. Enterprises should purchase hardware with BIOS versions that were developed using the NIST guidelines and then securely configure the BIOS. To accomplish this, a password should be set on the BIOS for making any changes, and the boot process should be set to a specific setting required by the system. A good example of a safe boot would be allowing a system to boot off of the internal hard drive. If your BIOS supports configuration changes while booted to the operating system, you could make these changes a part of a standard image. By using these settings, a securely configured computer, and installing signed BIOS updates when available as a part of a standard patch management cycle, the risk of future attacks to BIOS and their systems should be minimized.
Dig Deeper on Configuration Management Planning
Related Q&A from Nick Lewis
Locky ransomware has borrowed features from Dridex malware, which focused on attacking banks. Expert Nick Lewis explains Locky's techniques and how ...continue reading
The Mazar malware can wipe an entire Android device once it has been installed. Expert Nick Lewis explains how this malware works, and how attacks ...continue reading
MouseJack, a wireless mouse and keyboard security flaw, allows attackers to type malicious commands. Expert Nick Lewis explains how enterprises can ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.