Thursday, 19 March 2015

LightEater Attack: Popular Bios Security flaw

The security researchers have found that most popular Bios of hardware vendors are vulnerable to attacks. Considering the stealth, privilege and persistence most attacker prefer a low level attack. The most popular of them is Basic Input output System been one of them. The LightEater attack targets world most popular bios vendors.

"Because almost no one patches their BIOSes, almost every BIOS in the wild is affected by at least one vulnerability, and can be infected, Kopvah, LegbaCore researcher stated.

"The high amount of code reuse across UEFI BIOSes means that BIOS infection can be automatic and reliable."

"The point is less about how vendors don't fix the problems and more how the vendors' fixes are going un-applied by users, corporations and governments."

The security researchers stress on the responsibility of the system administrators to apply vendor patches, something which is not being done. And further they warned about how simple to launch attack on victims whose BIOS are vulnerable to such attacks.

The security experts have conveyed the concern that most of the BIOS are insecure and provide undue advantage to the attackers. Even a person who don't possess special skill or knowledge about security and hacking would be able to launch attack against victims. All the attacker need is a few minutes of access to the victims computer to implant the bug.

The security researchers stated that they would soon release a automated script to BIOS vendors to test for vulnerability against reading and writing to all system memory. Almost 80% of the world computer is vulnerable to BIOS attack as most vendors use almost same code when it comes to BIOS except for few modifications depending upon the vendors.

The BIOS implant surfaced recently to the research community on the cue of Snowden documents which state that National Security Agency (NSA) which exploited this vector to spy on targets.

To patch up BIOS, it is recommended to install vendor patches to the respective BIOS. It would be better than to feel sorry tomorrow.

The Security experts who exposed the vulnerability are advocating for patch as early as possible. As the revelation has made the implant public which could be used against victims by anybody even they are not savvy about working of computer or how to launch an cyber attack on victims.

There is a huge buzz over the Snowden reports on how NSA spied over others. The report not only expose the vulnerability but also the extend through which NSA implanted spying bugs on targets. More to follow....

No comments:

Post a Comment