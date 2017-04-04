Gigabyte Firmware Bugs Allow the Installation of BIOS/UEFI Ransomware (bleepingcomputer.com)
An anonymous reader writes from a report via BleepingComputer: Last week, at the BlackHat Asia 2017 security conference, researchers from cyber-security firm Cylance disclosed two vulnerabilities in the firmware of Gigabyte BRIX small computing devices, which allow an attacker to write malicious content to the UEFI firmware. During their presentation, researchers installed a proof-of-concept UEFI ransomware, preventing the BRIX devices from booting, but researchers say the same flaws can be used to plant rootkits that allow attackers to persist malware for years. The two vulnerabilities discovered are CVE-2017-3197 and CVE-2017-3198. The first is a failure on Gigabyte's part to implement write protection for its UEFI firmware. The second vulnerability is another lapse on Gigabyte's side, who forgot to implement a system that cryptographically signs UEFI firmware files. Add to this the fact that Gigabyte uses an insecure firmware update process, which doesn't check the validity of downloaded files using a checksum and uses HTTP instead of HTTPS. A CERT vulnerability note was published to warn users of the impending danger and the bugs' ease of exploitation.
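The summary lists three update-path checks Gigabyte's updater reportedly lacked: a TLS-only download source, an integrity check of the downloaded image, and an authenticity check on the firmware. The following is an added example that models those checks on the client side; it is not Gigabyte's, Cylance's or BleepingComputer's code. Every name, URL, manifest field and the sample image bytes are constructed for illustration. One simplification is labelled in the code: the manifest is authenticated with an HMAC key held by the verifier, which stands in for the public-key signature (a vendor key in ROM over a signed capsule) a real scheme would use so the device never needs to hold a secret; the control flow, reject before anything reaches flash, is the same.

```python
"""Model of a firmware-update client that performs the checks the article says
were missing: HTTPS-only download URLs, an integrity check of the downloaded
image against a manifest, and an authenticity check on the manifest itself.
Added example, not vendor code.  Names, manifest layout and sample bytes are
constructed.  HMAC-SHA256 stands in for a public-key signature (assumption).
"""
import hashlib
import hmac
import json
from urllib.parse import urlparse

# Constructed verifier key; a real device would hold a vendor PUBLIC key in ROM.
MANIFEST_KEY = b"example-manifest-key-not-a-real-secret"


class UpdateRejected(Exception):
    """Raised whenever an update must not be applied."""


def require_https(url: str) -> str:
    """Refuse update sources that are not served over TLS."""
    parsed = urlparse(url)
    if parsed.scheme != "https" or not parsed.netloc:
        raise UpdateRejected(f"refusing non-HTTPS update source: {url}")
    return url


def sign_manifest(manifest: dict, key: bytes = MANIFEST_KEY) -> bytes:
    """Produce a detached tag over the canonical JSON encoding of the manifest."""
    canonical = json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).digest()


def verify_manifest(manifest: dict, tag: bytes, key: bytes = MANIFEST_KEY) -> None:
    """Constant-time comparison; a forged or edited manifest is rejected before use."""
    if not hmac.compare_digest(sign_manifest(manifest, key), tag):
        raise UpdateRejected("manifest authenticity check failed")


def verify_image(image: bytes, manifest: dict) -> None:
    """Check the downloaded image against the size and SHA-256 recorded in the manifest."""
    if len(image) != manifest["size"]:
        raise UpdateRejected("image size does not match manifest")
    digest = hashlib.sha256(image).hexdigest()
    if not hmac.compare_digest(digest, manifest["sha256"]):
        raise UpdateRejected("image SHA-256 does not match manifest")


def stage_update(url: str, manifest: dict, tag: bytes, image: bytes) -> bool:
    """Run every check; only a True return would be allowed to reach the flash writer."""
    require_https(url)
    verify_manifest(manifest, tag)
    verify_image(image, manifest)
    return True


# --- constructed sample data (not a real firmware image) ---------------------
GOOD_IMAGE = b"\x5a\xa5" + b"UEFI-IMAGE-SAMPLE" * 8
GOOD_MANIFEST = {
    "product": "example-brix-board",
    "version": "F99",
    "size": len(GOOD_IMAGE),
    "sha256": hashlib.sha256(GOOD_IMAGE).hexdigest(),
}
GOOD_TAG = sign_manifest(GOOD_MANIFEST)
GOOD_URL = "https://updates.example/fw.bin"


def demo() -> dict:
    """Exercise the accept path and three reject paths; returns the outcome of each by name."""
    outcomes = {"valid": stage_update(GOOD_URL, GOOD_MANIFEST, GOOD_TAG, GOOD_IMAGE)}
    cases = {
        # plain-HTTP source: rejected before any bytes are trusted
        "http_url": ("http://updates.example/fw.bin", GOOD_MANIFEST, GOOD_TAG, GOOD_IMAGE),
        # same length, one byte changed: size passes, SHA-256 fails
        "tampered_image": (GOOD_URL, GOOD_MANIFEST, GOOD_TAG, GOOD_IMAGE[:-1] + b"X"),
        # edited manifest with the old tag: authenticity check fails
        "forged_manifest": (GOOD_URL, dict(GOOD_MANIFEST, version="F100"), GOOD_TAG, GOOD_IMAGE),
    }
    for name, args in cases.items():
        try:
            stage_update(*args)
            outcomes[name] = "accepted"
        except UpdateRejected as exc:
            outcomes[name] = str(exc)
    return outcomes


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The ordering matters: the transport check runs before any download is trusted, the manifest is authenticated before its hash is consulted, and the image hash is checked before the flash writer is ever reached. A device-side write-protect (the first CVE in the summary) is a separate, hardware-enforced layer that this client-side logic does not replace.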
Can we please just go back to making sure the BIOS is right BEFORE shipping the motherboard and putting it in ROM? That would really help, thanks!
Or at least put a 'write protect' jumper on there? The people who will actually update their BIOS can find a jumper...
Demand that devices come with a "hardware reset switch" that will reset the firmware and other settings to factory condition.
Yes, your data is still screwed if you get firmware ransomware that encrypts your storage, but at least you can get your device back.
I would allow for one exception: Devices like phones and laptops which may NEED to be remotely controlled or even "perma-bricked" if they are stolen or otherwise fall out of your physical control. This kind of theft-protection/deterrent is incompatible