An article discusses security from firmware.
PCRonline reported that HP Labs said “more can be done to ensure that devices can be securely updated” and Simon Shiu, Head of Security Lab at HP Labs, said that there are a “fast growing area of attacks on devices” according to Intel McAfee Labs’ Threat Prediction report 2016, where it highlights these attacks.
The article said that “firmware, which resides in a non-volatile memory device on a PC or printer circuit board, is typically the first code to execute on a device when it is turned on” and this is the reason why they are “difficult to detect”, which means the attackers gain control, accessing all hardware and resources allowing attackers to “monitor and remotely control all activities” in secrecy. Often they can override the user’s security, and can sometimes be “impossible to remove without a system board replacement”.
Shiu noted that “HP researches and provides state-of-the-art below OS security”, an example being the PC BIOS security solution Sure Start, which is an ”independent chip [which] is capable of detecting firmware intrusion in PC BIOS and repairing it instantly without any action required from the user or the administrator of a device”.
The programme “validates the integrity of the firmware image before it is executed at boot”, and if this fails “a protected and cryptographically verified ‘Golden Copy’ of the firmware is used to repair the device” – then, the “Golden Copy is stored in private isolated Non-Volatile Memory (NVM) that no third-party firmware or software can access”.
HP Inc has made printers more secure as well, and its LaserJet models offer the “most advanced security for their BIOS and the rest of their firmware image”, allowing the printer to “recover quickly to a functional state in case of attack for uninterrupted productivity and work flow”.
Shiu commented that “both our PCs and printer firmware security solutions have been designed with cyber-resilience in mind, which is the ability to protect to the best capacity, detect if protection fails, and recover quickly and seamlessly to a safe functional state. At HP it is important to be humble and accept that occasionally attacks will go through. Therefore, it is key to know how to recover with as little disruption to a workplace as is possible”.