The motherboard inside every PC would lie motionless without the basic input/output system that takes control after...
the PC is switched on. Think of BIOS as software -- you have to consider it vulnerable to threats. A set of security compliance standards to mitigate BIOS security vulnerabilities should be developed to prevent exploitation of computer systems and networks.
The BIOS starts the hardware initialization process and then hands over the controls to the operating system. Since BIOS has a privileged position within the architecture of a computer, malicious modifications of BIOS firmware can be a serious threat. A hacked BIOS could result in permanent denial of service or advanced persistent threat.
BIOS is an integral part of the computer boot process and is responsible for the following procedures:
- Executes the core root of trust
- Initializes and tests low-level hardware
- Loads and tests initial firmware
- Selects boot device
- Loads operating system
BIOS is the first code executed by the CPU and should be considered a critical security fulcrum of a computer system, yet the innate trust in BIOS makes it an attractive target. In addition, BIOS is also stored on non-volatile memory and gets reloaded when powered on or off. Therefore, malware written into the BIOS would continually reinfect machines even after the hard drive has been replaced or reformatted with a new operating system. Finally, the high privileges and early boot process of BIOS makes successful antivirus scanning very difficult.
In order to secure BIOS, a set of security standards should be implemented, which includes verifying the authenticity and integrity of BIOS updates and verifying that the BIOS is protected from modification via the update process.
BIOS update security vulnerabilities
- Unsecure local update processes that require no physical presence or monitoring.
- Hacking of the BIOS update process by jeopardizing the authenticity and integrity of the BIOS update.
- Unintended or malicious modification of the system BIOS outside the authenticated BIOS update process, the Root of Trust for Update (RTU) and the system BIOS -- excluding configuration data used by the system BIOS that is stored in non-volatile memory.
BIOS update security, compliance strategies:
- Digital signatures need to be employed to ensure authenticity.
- Use the authenticated BIOS update image for an RTU that contains a signature verification algorithm and a key store that includes the public key needed to verify the signature on the BIOS update image.
- Develop a secure local update mechanism by requiring physical presence, and one that cannot be overridden outside of an authenticated BIOS update.
- The secure local update process should be used to provision the approved BIOS for that platform from the master image, the corresponding RTU should be installed, and BIOS-related configuration parameters established before computer systems are deployed.
- The organization should periodically perform assessments to confirm that the organization's BIOS policies, processes and procedures are being followed properly.
- System BIOS updates should be performed using a change management process and the new approved version should be documented in the configuration plan, noting that the previous BIOS image has been superseded.
BIOS data security vulnerabilities
- Existing sensitive data remaining on the computer system after leaving the organization creates a BIOS security risk.
- Lack of identifying inventorying and tracking the different computer systems across the enterprise throughout their lifecycle.
BIOS data security, compliance strategies:
- Before the computer system is disposed of, the organization should remove or destroy any sensitive data from the system BIOS.
- The configuration baseline should be reset to the manufacturer's default profile; sensitive settings such as passwords should be deleted from the system and keys should also be removed from the key store.
- Identifying and monitoring the BIOS image characteristics such as manufacturer name, version or time stamp allows the organization to perform updates, rollback and recovery.
- The organization should maintain a "golden master image" for each approved system BIOS, including superseded versions, in secure offline storage.
These BIOS security vulnerabilities need to be managed or hackers can access to the operating system to execute malicious code. In early 2017, security group Cylance showed how flaws in BIOS security could allow a ransomware program to run inside a motherboard's Unified Extensible Firmware Interface -- the modern BIOS. In April 2017 at the Black Hat security conference, the same group revealed how they exploited the vulnerabilities in the BIOS of two different PC models.
BIOS vulnerabilities are of a significant risk to computer security and creating compliance strategies can help corporations mitigate foreseeable threats.