Our computers can suffer a wide variety of attacks that compromise our security and privacy. It is a reality that hackers can infect devices through a wide variety of methods, such as fraudulent downloading, fake updates, email files… In this article we are going to talk about firmware malware . We are going to explain what it consists of and of course what to do to avoid being victims of this problem.
Cyber attacks come from anywhere
We have seen many types of threats . For example we can mention Trojans, keyloggers, ransomware, viruses … In one way or another they could compromise our systems, steal information, passwords and, ultimately, affect our security. Malware is very varied and there are really common methods present in our day-to-day lives.
Now, how can these threats reach us? The truth is that there are many ways that our computers get infected . For example, we can open a malicious file that comes to us by mail, the installation of an application that has been previously maliciously modified … Attacks can come from anywhere.
This means that we must always remain alert at all times. You always have to install security programs, keep your systems up to date and protected. In addition, common sense is essential. But can we always avoid threats? This is sometimes more complicated, especially with some very specific varieties of malware.
This is the case with firmware malware. It is also known as bootkits . They are a major problem since it does not directly affect the operating system, so it could even support formatting.
Firmware malware
This type of threat known as firmware malware directly affects the boot of the computer. This means that it will act even before we start the operating system, such as Windows.
It is something difficult to detect. The threat remains hidden and is also persistent. It can damage the operation of the equipment, record information on it, control the configuration or certain parameters of the system … But the most dangerous of all is that it is difficult to eliminate.
There are many threats that simply by opening the antivirus and analyzing it we can eliminate them. Others may be more complicated and we might even need to format the equipment. But in the case of firmware or bootkit malware it’s even worse. It is able to withstand a format and remain on the computer.
As we have indicated, it is not malicious software that directly affects Windows or whatever operating system it is. This means that even formatting and reinstalling the system can remain hidden and act again.
But where is this threat then? These types of attacks target BIOS and UEFI firmware. It remains hidden there and this means that formatting the operating system or passing an antivirus that only analyzes the files of that system has no effect.
How does this threat arrive?
As we indicated at the beginning of the article, malware arrives in many different ways. This also happens with those that affect the firmware of the equipment. Basically what this threat does is overwrite the firmware . Therefore, a malicious update for example could make us victims of this problem. What the attacker can do is modify the source code.
This malicious code could be sent through insecure Wi-Fi networks , such as a network in an airport or shopping center. The hacker could exploit vulnerabilities that exist on that computer and thus deploy his attacks.
They could also even use physical devices . The most common is a USB stick that houses code capable of executing malicious software and modifying firmware. For example, if we go to a store to print documents, that computer could have been previously infected.
What can they do with these types of attacks
If we focus on how they could affect us with this variety of attacks, we must also comment that there are different ways for this. We can be victims of various problems that put our security and privacy at risk.
Something that hackers can do if they sneak firmware malware onto our computer is alter its operation . They can design major changes that affect performance, limit the use of hardware, features, and more.
They could also use it to steal information . We already know that our personal data has great value on the net. They can use this type of method to collect personal data and include us in spam campaigns or sell it to third parties.
But they could also just spy on us and wait for the right moment. We have indicated that this type of attack is very silent, it can remain for a long time without giving signals. They could be on the prowl spying on the victim until it is time to act.
How to avoid attacks on firmware
After having informed about what firmware malware is, how it acts and what an attacker could do, the most important thing remains: give some tips to protect ourselves. Basically the measures are the same as to defend against any other cyber attack.
Keep computers protected
Something fundamental that can not be missing at any time is to keep our equipment properly protected . There are many threats that can affect us, as we have seen. We are not only talking about malware that affects firmware, but many other varieties.
Therefore, our first advice is to use a good antivirus and other tools such as a firewall to protect systems. This is the first security barrier that we can have.
Update only from official sources
This is very important to prevent firmware problems. On many occasions, users download updates from anywhere. This could be a problem, since we do not know if it could have been maliciously modified in order to spy on us or affect its proper functioning.
Beware of insecure networks
Of course we must also be careful with the Wi-Fi networks to which we connect. We have seen that it is another of the methods used by cybercriminals to sneak these types of threats. We must always be aware that hackers could also be lurking in the open network we connect to.
Analyze the hardware we insert
Are we going to put a pendrive that we have used before in a public computer, for example? It is convenient to analyze it and thus avoid having some type of inserted malware that could affect our device. For this we can count on security programs and even other operating systems.
Common sense
Common sense is another point to take into account. Most attacks will require user interaction. They will need us to make some kind of mistake such as downloading a malicious file, opening a dangerous link, etc.
So here are some things to keep in mind about firmware malware. We have seen that it is a threat that can seriously compromise our security and privacy and we must be protected at all times.