Presentation is loading. Please wait.

Presentation is loading. Please wait.

Firmware threat Dhaval Chauhan MIS 534.

Published byDonna McCormick Modified over 6 years ago

Similar presentations

Presentation on theme: "Firmware threat Dhaval Chauhan MIS 534."— Presentation transcript:

1 Firmware threat Dhaval Chauhan MIS 534

2 What is firmware ??? In electronic systems and computing, firmware is a type of software that provides control, monitoring and data manipulation of engineered products and systems.  Examples : Traffic lights, consumer appliances, remote controls and digital watches computer peripherals, mobile phones and digital cameras Network interface cards, embedded controllers, graphics cards, USB sticks, mice, keyboards ,routers and switches all have firmware.

3 Why firmware is vulnerable ???
Security and IT managers aren’t paying attention to it. Security teams focuses more on firewalls, intrusion prevention systems and sandboxes.

4 Why Hackers attacks firmware ?
Persistence Malware can be clean up with antivirus software and then remediate with software. Compromised firmware could cause malware to keep coming back even after normal remediation actions. Stealth Normal mechanisms for detecting malware do not examine firmware. So compromised firmware can be used to hide malicious behavior for a long time. Full Access If malware can control system firmware, it gains full access to the system. By altering firmware, malware can usually bypass existing measures.

5 Recent incidents utilitys-control-system-was-hacked/

6 Protecting firmware from attacks
Understand that the threat to firmware is real Security managers need to know that the risk of an attack in firmware is quite real and that firmware must be updated like any other software. Routine BIOS updates required, so firmware updates are something security and IT managers need to manage themselves.

7 Protecting firmware from attacks
Practice security basics Use solid security principles such as least privilege, in which you only grant access rights to a user for a specific business purpose. Companies also need to deploy standard defense-in- depth practices for their infrastructure, including firewalls, sandboxes and intrusion protection systems. IT managers also need to keep web browsers updated and install routine Windows or Mac updates. Other common practices include not to run applications as root and to disable unnecessary services.

8 Protecting firmware from attacks
Benchmark your system for security vulnerabilities Find potential vulnerabilities. Open source tools such as CHIPSEC give security managers an idea of what specific vulnerabilities are present. If the system is not configured to protect writes to firmware attackers can simply overwrite it with malware. If secure boot is not enabled and correctly configured attackers can run their malware before an operating system starts.

9 Protecting firmware from attacks
Prepare for attacks before they happen Security managers can take a golden image of each system’s firmware, which then lets them compare what’s changed from the original image in the event of an attack. Such checks could also be run periodically to monitor any changes when conditions are normal. While serious, firmware attacks are still rare. If one is suspected, experts from vendors and the local security team may be needed as part of a detailed investigation.

10 Protecting firmware from attacks
 Think about other devices and components This includes hard drives, network interface cards, graphics cards, baseboard controllers, embedded controllers, and networking gear such as routers and switches. For the most part, established networking vendors make provisions for automated firmware updates. Firmware for embedded controllers is usually updated with standard BIOS updates. But for most of the other components, check with the manufacturer to see how they handle firmware updates.

11 Thank You Prepare for Disaster: Recover Faster

Download ppt "Firmware threat Dhaval Chauhan MIS 534."

Similar presentations

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
Guide to Computer Forensics and Investigations1 Network Forensics Overview Network forensics –Systematic tracking of incoming and outgoing traffic To ascertain.

Guide to Computer Forensics and Investigations1 Network Forensics Overview Network forensics –Systematic tracking of incoming and outgoing traffic To ascertain.
Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.

Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Vijay krishnan Avinesh Dupat  Collection of tools (programs) that enable administrator-level access to a computer or computer network.  The main purpose.

Vijay krishnan Avinesh Dupat  Collection of tools (programs) that enable administrator-level access to a computer or computer network.  The main purpose.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Presented by C.SARITHA ( 07R91A0568) INTRUSION DETECTION SYSYTEM.

Presented by C.SARITHA ( 07R91A0568) INTRUSION DETECTION SYSYTEM.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
Chapter Three OPERATING SYSTEMS.

Chapter Three OPERATING SYSTEMS.
Rootkits. EC-Council The Problem  Microsoft Corp. security researchers are warning about a new generation of powerful system-monitoring programs, or.

Rootkits. EC-Council The Problem  Microsoft Corp. security researchers are warning about a new generation of powerful system-monitoring programs, or.
Vijay Krishnan Avinesh Dupat. A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators.

Vijay Krishnan Avinesh Dupat. A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators.
Software 1. Software is divided into parts System software Operating system Utility software Application software 2.

Software 1. Software is divided into parts System software Operating system Utility software Application software 2.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Securing the Network Infrastructure. Firewalls Typically used to filter packets Designed to prevent malicious packets from entering the network or its.

Securing the Network Infrastructure. Firewalls Typically used to filter packets Designed to prevent malicious packets from entering the network or its.
Lecture 19 Page 1 CS 236 Online Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 19 Page 1 CS 236 Online Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Network Forensics - III November 3, 2008.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Network Forensics - III November 3, 2008.
CSC190 Introduction to Computing Operating Systems and Utility Programs.

CSC190 Introduction to Computing Operating Systems and Utility Programs.
Information Security In the Corporate World. About Me Graduated from Utica College with a degree in Economic Crime Investigation (ECI) in Spring 2005.

Information Security In the Corporate World. About Me Graduated from Utica College with a degree in Economic Crime Investigation (ECI) in Spring 2005.
Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,

Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,

Similar presentations

Ads by Google