Firmware is the low-level software that is deeply integrated into the hardware of your device. It sits beneath higher-level software and your PC’s hardware and acts as a kind of bridge running the critical operations of your PC. As such, it enjoys privileges that higher-level software doesn’t have.
These privileges mean it can access all your PC’s memory, override security mechanisms, and survive defensive operations like reinstalls of your PC’s OS. As such, it’s an ideal vector for malware.
Malicious firmware can allow cybercriminals to take over your PC hardware or its OS, compromise your network security and/or steal important files or credentials. There are many examples of firmware being either infected by malware or having vulnerabilities that were exploited by cybercriminals.
One good example is the ThunderSpy vulnerabilities that, among other things, allowed malicious actors to reprogram the Thunderbolt ports in user PCs.
But if firmware is so integral to your PC’s operation and isn’t subject to defensive operations, how do you protect your PC against the security threats that go along with it?
How to protect against firmware security threats
Protecting against firmware security threats is best done with a multilayered approach.
For one, you’re going to want to keep firmware and software frequently updated, since manufacturers periodically deal with security vulnerabilities and improve security with their latest patches.
Part of doing that is being vigilant about where you get your updates — for safety’s sake, always get your firmware and software updates from official sources.
Secondly, you should enable Secure Boot. Secure Boot is a security standard and setting that ensures the PC only boots using firmware trusted by the Original Equipment Manufacturers (OEMs). You can enable Secure Boot in your PC’s BIOS/UEFI settings.
Pexels: Sora Shimazaki
Next, since a lot of firmware attacks require physical access to devices, you should limit physical access to your PC and its devices wherever possible, especially in shared public spaces where attackers often use specialized tools to extract or infect PC firmware.
That goes for limiting the use of foreign devices like public USB ports, that could harbor malicious firmware updates or infect your firmware with malicious code.
Lastly, you should always use up-to-date antivirus and antimalware software. While it’s true that these programs can’t detect compromises at the level of firmware, they can detect malware loaded in firmware updates before they’ve been installed, which can be a lifesaver in preventing your PC being infected in the first place.
There’s no guarantee you can always keep your PC 100 percent secure against firmware security compromises, but by using these commonsense techniques you can greatly improve the chances.
