When Kaspersky Lab revealed last week that it had uncovered a sophisticated piece of malware designed to plant malicious code inside the firmware of computers, it should have surprised no one. And that’s not just because documents leaked by Edward Snowden have shown that spy agencies like the NSA have an intense interest in hacking the firmware of systems, but also because other researchers have shown in the past how insecure firmware—in nearly all systems—is. Computers contain a lot of firmware, all of which is potentially vulnerable to hacking—everything from USB keyboards and web cams to graphics and sound cards. Even computer batteries have firmware. “There’s firmware everywhere in your computer, and all of it is risky,” says security researcher Karsten Nohl, who demonstrated last year how he could embed malicious code in the firmware of USB sticks. There’s also firmware in all of our popular digital gadgets—smartphones and smart TVs, digital cameras, and music players. Most of it is vulnerable for the same reasons the firmware the Equation Group targeted is vulnerable: it was never designed to be secure. Most hardware makers don’t cryptographically sign the firmware embedded in their systems nor include authentication features in their devices that […]
For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com
The post Why Firmware Is So Vulnerable to Hacking, and What Can Be Done About It appeared first on National Cyber Security.
View full post on National Cyber Security