Microsoft and computer manufacturers are re-thinking the security at the heart of computers to protect them better. What do you need to know when you next buy computers for your company?
Hackers are increasingly attacking firmware because they remain invisible yet get the keys to your data kingdom.
Firmware is software embedded in the hardware that talks to the other software, such as Windows and your apps. It is attractive to hackers because it lies outside of routine patching. Firmware is trickier to patch and harder to monitor.
Some firmware runs at a privileged level when the computer starts before other security kicks in. Potentially, that undermines all subsequent security, including encryption. Hackers can steal your data and not leave a trace. That’s why firmware attacks have risen five-fold in the last four years.
Microsoft has worked with manufacturers, such as Dell, to create Secured-core PCs (and are expanding to cover servers and IoT). The code is burned into the chip, and it halts the start-up if it finds anything untoward. Of course, no system is infallible. Firmware burned into a chip cannot be updated. That could be a problem in itself. There is also lots of other hardware with firmware to attack inside a computer.
Find out more on the BBC Business site and Microsoft’s Security Blog.