The new target of cybercriminals: the UEFI of your computer

20MINUTES


  • Unified Extensible Firmware Interface (UEFI) is the system that replaced the old BIOS.
  • Basically, UEFI is activated when you press the power button on your computer and is the intermediary between the installed hardware and the code executed to load the operating system.
  • The UEFI can be modified by commands external, what causes this to be one of his main weaknesses.

UEFI

you May not have ever heard the word UEFI and you know what that is on your computer, but what is certain is that it is becoming this year in the new target of cybercriminals to attack with malware your computer, according to reports from websites such as We Live Security, PC World or Computer Today.

Unified Extensible Firmware Interface (UEFI) is the system that replaced the old BIOS. The great problem of the security holes within the UEFI BIOS is that they allow the access to the basic component that manages the hardware of your computer and, this way, to install malware, which can be very complicated to remove, to the point of having to reprogram the UEFI.

Your computer, like many other computing devices, operate by executing code known as firmware: instructions that we know as the software and make the hardware (your PC or a smartphone, for example) to perform a function. The work of UEFI in your computer is the firmware installed in a flash memory chip on the motherboard of a computer that makes intermediary between the hardware installed and the code executed to load the operating system. This code can include a ‘post’ (power-on self-test) to make sure that things work correctly.

Basically, the UEFI is activated when you press the power button on your computer and at that time checks the hardware that you have on the motherboard and its operation, and then look for the boot loader (that contains the information about the location of the operating system and the instructions to start it). The firmware that forms the UEFI you can modify with orders external, what causes this to be one of your major weaknesses.

Despite the fact that the updates of the UEFI have been brought components that give them greater security, such as Secure Boot or ELAM (Early Launch Anti Malware), it is also true that some threats have been detected in recent times, as is the case of the malware Bootkit. This has the ability to modify the parameters of UEFI and load malware, ransomware or keylogers in a computer to infect it, or even prevent, that turn, according to details from the Computer Today. Since We Live Security recommend that you perform a scan of UEFI through a security solution, taking into account that the Bootkit can be used by cybercriminals, but also by national agencies and foreign, as the NSA and CIA, and private companies that sell ‘tools of surveillance’ governments.

Tecnología

The new target of cybercriminals: the UEFI of your computer
Source: english  
November 19, 2017


Next Random post