- Home
- Techniques
- Enterprise
- Firmware Corruption
Firmware Corruption
Adversaries may overwrite or corrupt the flash memory contents of system BIOS or other firmware in devices attached to a system in order to render them inoperable or unable to boot.[1] Firmware is software that is loaded and executed from non-volatile memory on hardware devices in order to initialize and manage device functionality. These devices could include the motherboard, hard drive, or video cards.
Mitigations
Mitigation | Description |
---|---|
Boot Integrity |
Check the integrity of the existing BIOS and device firmware to determine if it is vulnerable to modification. |
Privileged Account Management |
Prevent adversary access to privileged accounts or access necessary to replace system firmware. |
Update Software |
Patch the BIOS and other firmware as necessary to prevent successful use of known vulnerabilities. |
Detection
System firmware manipulation may be detected.[2] Log attempts to read/write to BIOS and compare against known patching behavior.