What are the Threats of Insufficient Firmware Security?
What can go wrong?
The risks of poor firmware security can be quite scary and even life-threatening:
- In 2015, hackers demonstrated that it was possible to remotely tamper with the firmware of the Jeep Cherokee, including shutting down the car’s engine entirely. The car’s manufacturer, Fiat Chrysler, was forced to recall 1.4 million vehicles in the U.S.
- Also in 2015, the power grid in Ukraine was the subject of a massive cyberattack that targeted three of the country’s biggest energy distribution companies. The attack disrupted power services to 230,000 people for a duration of 1 to 6 hours. Experts attributed responsibility to hackers supported by the Russian government.
- Life-saving devices such as pacemakers and defibrillators are potentially hackable, although there are no documented cases of this so far.
What areas are most susceptible to firmware threats?
Some of the types of devices that are most susceptible to firmware threats and vulnerabilities are:
- Those devices that have an Internet connection, can't be updated OTA, and that the user does not interact with frequently (e.g. an Internet router). In this case, it’s easy for users to forget about updating the device.
- Those devices that use closed source or proprietary firmware, which means that it’s unable to be vetted by the user community. Firmware is often created as quickly and cheaply as possible, and no one outside the manufacturer is able to check the code for vulnerabilities.
Why It's Hard To Get Firmware Security Right
Attacks on firmware are difficult to detect with current antivirus and security software. This is because firmware resides at architectural levels of the device that are not usually accessible to these tools.
Once malware has infiltrated the firmware, it gains full access to the system. What’s more, malware hidden inside firmware is hard to erase—it can even survive reboots and fresh installs of an operating system.
Firmware is also not as straightforward to update as software. Users might have to download a patch from the manufacturer and make some changes to the device settings. Although OTA updates are becoming more common, they’re still far from mainstream.
In addition, there is currently a lack of strong open source platforms for firmware security. The idea of devices running firmware while connected to the Internet is relatively new, and there aren’t a lot of open source tools on the market. Another complication is that most firmware runs in an environment with severe hardware resource constraints, which makes it difficult to run industry-recognized security tools and procedures on the firmware.
Best Practices for Implementing Firmware Security
What can you do to ensure that your firmware security is sufficient?
- As more open source tools and platforms become available, it will be easier to identify and implement best practices for firmware security. Tools such as PlatformIO are a good start.
- Firmware developers must have verification processes in place. Your code should always be checked by a third party for vulnerabilities.
- The device should be kept as "dumb" and simple as possible. If possible, any complicated work should be offloaded to servers in the cloud that can be updated easily.
- Vulnerabilities in hardware components themselves, such as Spectre, are also important to keep tabs on.
If you’re concerned about firmware security, the most important trait you can have is proactiveness. Take the time to educate yourself about the current threats, platforms, and best practices.
The field of software security is already quite robust and mature. In order to improve firmware security, we expect that much of organizations’ knowledge and experience from software security will make its way into firmware as well.
Concerned about the security of the firmware on your own device? Reach out to a skilled technology partner like Very to learn how we can help.