Become a fan of Slashdot on Facebook


Forgot your password?

Security Industry Incapable of Finding Firmware Attackers 94

New submitter BIOS4breakfast writes "Research presented at CanSecWest has shown that despite the fact that we know that firmware attackers, in the form of the NSA, definitely exist, there is still a wide gap between the attackers' ability to infect firmware, and the industry's ability to detect their presence. The researchers from MITRE and Intel showed attacks on UEFI SecureBoot, the BIOS itself, and BIOS forensics software. Although they also released detection systems for supporting more research and for trustworthy BIOS capture, the real question is: when is this going to stop being the domain of research and when are security companies going to get serious about protecting against attacks at this level?"
This discussion has been archived. No new comments can be posted.

Security Industry Incapable of Finding Firmware Attackers

Comments Filter:
  • Re:Least interest (Score:3, Insightful)

    by flyingfsck ( 986395 ) on Wednesday March 19, 2014 @12:46PM (#46525157)
    Wrong. All an infected BIOS call needs to do is launch a process that will keep running and do its damndest when the system is up.
  • by dutchwhizzman ( 817898 ) on Wednesday March 19, 2014 @12:52PM (#46525225)

    Most bioses now have a complete TCP/IP stack for things like ipmi. Keylogging only requires a few simple routines to do as well; plenty of room to implement that in current flash chips on main boards.

    Hiding in firmware makes you resilient and virtually undetectable on the "normal storage". A rudimentary base to pull next stage software in that will "bootstrap" the full malware once the OS installed is all that is needed. The full malware can be fragmented and re-use existing binaries so it won't be detected. You need a trusted platform and guaranteed "safe" steps to be able to reasonably trust your computer and when firmware contains holes or malicious code, there are plenty of people that don't work for the NSA that can actually build a competent attack for that.
  • Re:Least interest (Score:5, Insightful)

    by rtb61 ( 674572 ) on Wednesday March 19, 2014 @01:47PM (#46525627) Homepage

    Which means basically when they start intercepting hardware between the manufacturer and the user, security becomes an impossible mind fuck. Once it all shifted to firmware and hardware hacks the security game is over. Parallel networks where the inside network is fully air gapped from outside networks and the building itself is secured from wireless communications. Basically all internet function are done on disposable net books, this more for typical businesses rather than internet business. Apparently Russian security has gone back to typewriters and hard copy for the most secure documents, actual physical penetration is required. With the NSA continuing to fuck around with security, how long will it be before banks go back to manual systems and internet banking becomes a memory.

Garbage In -- Gospel Out.