So, anyway, our colleages at Eclypsium recently announced some bugs they found in Dell BiosConnect which could allow attackers to remotely implant code in firmware. You can read about it here.
Dell has apparently released firmware upgrades which fix the bugs, and it is not thought to be under active attack, so all should be well, but there are still two problems.
The first is that people tend to not be good at applying firmware updates. Unlike the monthly OS patches, there is rarely a mechanism for letting folks know they have a firmware patch to apply, and even if there is a patch, most people are not good at flashing firmware. As an example, we routinely still see Lenovo firmware that has the so-called "Lenovo rootkit" (which, btw, ain't that different from BiosConnect) from 2015 in it, and it should have been extinct since 2016.
The second problem is, who knows how many other problems like this exist? Another six, (at least) manufacturers have firmware with similar capabilties to BiosConnect, and no one knows who has similar problems. Maybe none. Maybe some. I guess time will tell.
Oh, and functionality keeps getting added. When I blogged about BiosConnect well over a year ago, one thing I noticed was that this particular firmware upgrade moved from 8 mb to 16 mb, and the number of programs in it grew from 320 to 575, and we now routinely see firmware (not just Dell) with nearly 1,000 executables. That's a lot of extra functionality, and therefore a lot of potential vulnerabilities.
As I recently wrote, you cannot protect your organization properly if you don't know what's in your firmware, especially the upgrades. We have recently done some "before and after" comparisons, that are highly instructive, and hopefully I'll get to disclose them here soon.
And, if you would like some help in checking your firmware, please feel free to reach us at labs at armor.ai.
So, far be it for me to say I told you so, but ... I told you so... This stuff is coming.
Thursday, June 24, 2021
Thursday, June 10, 2021
How do people know what’s in their firmware?
Here's a quick summary of where we stand wrt firmware security...
Nearly all computers built since 2007 contain UEFI (Unified Extensible Firmware Interface). UEFI contains between two hundred, and a thousand compiled C programs, in Windows format. This is a format well understood, by attackers, and defenders, alike. They are all cryptographically signed, but this signature is only checked at flash time. What this means is that if something can get write access to the firmware, it can change whatever it likes, including by virus-like infection, and probably nothing will detect it. UEFI is immensely powerful, and is an operating system in its own right. It has its own network stack, and can download over the public internet, via HTTP or FTP, and can write anything it likes to the disk. We have even found some that have email capability.
UEFI runs at ring-1, or ring-2, well below ring-0, and is like 64bit, real mode, DOS. (Think about the implications of that for a minute)
Firmware attacks have already happened, viz. LoJax, and ShadowHammer, that we know about, and we know that the TrickBot ransomware gang has been spotted looking for machines with Secure Boot turned off. There will be others, just waiting to be discovered.
If you think ransomware is a problem now, wait until some of them gain persistence in firmware.
Even if you are not concerned about ransomware, consider this. The SolarWinds attackers were obviously technically capable of firmware attacks. They were in networks well long enough, and were clearly cunning enough to cover their tracks.
Given the “high profile” nature of some of their victims, this could be like a hidden bomb, waiting to be detonated.
I think it was the Marines who came up with the expression Left Of Bang. The idea is that when the improvised explosive, or road-side bomb, goes off, that’s “Bang”. Getting Left Of Bang means that you realize that something is not right, and maybe an ambush is coming, and you do whatever you have to do to prevent, or avoid, the Bang.
So how do you get Left Of (this sort of) Bang?
Whether you are using our software, or someone else’s, you have to start dumping, and analyzing, your firmware.
Even if there is nothing overtly malicious in it, you simply have to know what capabilities are in it, or you cannot properly defend your organization.
And, the answer to the opening question of, "How do people know what's in their firmware?" is...
They don't. Nearly everyone is using the Hope Method.
The Hope Method is not a method.
Folks, it’s coming. Please try to get ahead of it.
Nearly all computers built since 2007 contain UEFI (Unified Extensible Firmware Interface). UEFI contains between two hundred, and a thousand compiled C programs, in Windows format. This is a format well understood, by attackers, and defenders, alike. They are all cryptographically signed, but this signature is only checked at flash time. What this means is that if something can get write access to the firmware, it can change whatever it likes, including by virus-like infection, and probably nothing will detect it. UEFI is immensely powerful, and is an operating system in its own right. It has its own network stack, and can download over the public internet, via HTTP or FTP, and can write anything it likes to the disk. We have even found some that have email capability.
UEFI runs at ring-1, or ring-2, well below ring-0, and is like 64bit, real mode, DOS. (Think about the implications of that for a minute)
Firmware attacks have already happened, viz. LoJax, and ShadowHammer, that we know about, and we know that the TrickBot ransomware gang has been spotted looking for machines with Secure Boot turned off. There will be others, just waiting to be discovered.
If you think ransomware is a problem now, wait until some of them gain persistence in firmware.
Even if you are not concerned about ransomware, consider this. The SolarWinds attackers were obviously technically capable of firmware attacks. They were in networks well long enough, and were clearly cunning enough to cover their tracks.
Given the “high profile” nature of some of their victims, this could be like a hidden bomb, waiting to be detonated.
I think it was the Marines who came up with the expression Left Of Bang. The idea is that when the improvised explosive, or road-side bomb, goes off, that’s “Bang”. Getting Left Of Bang means that you realize that something is not right, and maybe an ambush is coming, and you do whatever you have to do to prevent, or avoid, the Bang.
So how do you get Left Of (this sort of) Bang?
Whether you are using our software, or someone else’s, you have to start dumping, and analyzing, your firmware.
Even if there is nothing overtly malicious in it, you simply have to know what capabilities are in it, or you cannot properly defend your organization.
And, the answer to the opening question of, "How do people know what's in their firmware?" is...
They don't. Nearly everyone is using the Hope Method.
The Hope Method is not a method.
Folks, it’s coming. Please try to get ahead of it.