Despite persistent and ongoing threats, enterprises only dedicated under a third of their security budgets to mitigating firmware. That’s seemingly not enough to prevent attacks. Firmware attacks a known for being tough to manage and Microsoft services are vulnerable to such threats. Indeed, back in 2018, a state sponsored group called Fancy Bear was found leveraging a Unified Extensible Firmware Interface (UEFI) for attacks on Windows 10. Since then, Microsoft has been working to ensure such an attack cannot happen again. In 2020, the company added a UEFI scanner to Microsoft Defender. The UEFI scanner has a tool that can scan firmware filesystems while performing security checks.
Serious Problem
However, it does not really matter what Microsoft does if organizations are not taking firmware-level attack seriously. Microsoft’s study, conducted on the company’s behalf by Hypothesis Group, shows companies are not dedicating enough resources to this problem. “The study showed that current investment is going to security updates, vulnerability scanning, and advanced threat protection solutions,” Microsoft says. “Yet despite this, many organizations are concerned about malware accessing their system as well as the difficulty in detecting threats, suggesting that firmware is more difficult to monitor and control. Firmware vulnerabilities are also exacerbated by a lack of awareness and a lack of automation.” Of the 1,000 security executives the study canvased, 82% claim they do not have the resources to manage a high-impact firmware attack. They say most of their time and budget goes on issuing hardware upgrades, delivering patches, and mitigating other vulnerabilities. Tip of the day: When using your Windows 10 laptop or convertible with a mobile hotspot you might want to limit the Internet bandwidth your PC uses. In our tutorial we are showing you how to set up a metered connection in Windows 10 and how to turn it off again, if needed.