Sunday, May 15, 2016

Firmware implants (aka the APT bogey man)

I was recently brought into a discussion about verifying the firmware on laptops purchased from a particular manufacturer.  The security concern was that a particular vendor might insert malicious code as a way to get into the organization - presumably acting on behalf of some nation state.  This is a very mature concern to be asking about - the reality is that most have no idea whether or not their firmware is secure.  But supply chain compromise is a very real fear to have.  Buying from trusted manufacturers and vendors can help, but doesn't completely solve the issue.

I'll start by saying that laptop firmware (all firmware actually) is hard to verify.  The problem is that, short of pulling the chip and reading it with an EEPROM reader (destructive, difficult, and expensive), you are relying on the firmware itself to aid in the extraction of the firmware.  If the firmware is compromised, it could just as easily present something different to you when you try to extract it.  Using a software-based extraction method is like asking a criminal if they committed a crime - you're asking them because you have a suspicion something is wrong, but they could lie to you just as easily as tell you the truth.  It's unreliable.

A highly respected colleague chimed in on the issue as well and said that firmware implants are probably just a means of persistence for other code.  This is certainly what I would expect.  With good system monitoring (and memory forensics) you'll see that other code, no matter how stealthy it is.  The goal of the firmware implant is to make sure that when you reload the machine, the badness comes back at some later date without the attacker having to re-compromise the machine.

Now for some cold, hard truth: If you have supply chain concerns, get a new supplier.  Yes, practically all of our digital devices are made offshore now, but some suppliers are more trustworthy than others.  If this is a concern in your organization, flashing the firmware with a known-good image is also recommended.  While infected firmware could theoretically ignore the flash, that is highly unlikely to work.  If the new BIOS has some recognizable difference that you can observe, all the better.

I'll close by telling you the same thing I tell any of my Rendition Infosec clients looking for APT bogey men: Yes, very advanced attacks (and attackers) exist.  But honestly you're better off using your limited security resources to address the easy stuff: e.g. NetFlow and PCAP monitoring.  If you get these two right, you'll see the attacker exfiltrating data from the network - even if they ARE using a firmware implant.
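An added example (not from the original post) of the flow-level check that last paragraph points at: it sums flow records per internal host and external destination and flags pairs that send out a large volume while receiving little, whatever keeps the attacker's code on the machine. The record layout, the internal range, the thresholds and the sample flows are all assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample flow records (not real traffic):
# (src_ip, dst_ip, dst_port, bytes_out, bytes_in)
SAMPLE_FLOWS = [
    ("10.0.5.21", "10.0.1.10", 445, 40_000_000, 900_000_000),    # internal file server
    ("10.0.5.21", "203.0.113.50", 443, 350_000_000, 2_000_000),  # upload, part 1
    ("10.0.5.21", "203.0.113.50", 443, 420_000_000, 3_000_000),  # upload, part 2
    ("10.0.5.33", "198.51.100.7", 443, 4_000_000, 600_000_000),  # ordinary download
    ("10.0.5.34", "198.51.100.9", 443, 90_000_000, 80_000_000),  # balanced, low volume
]

INTERNAL = [ipaddress.ip_network("10.0.0.0/8")]  # assumed internal address space


def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL)


def find_exfil_candidates(flows, min_bytes_out=500_000_000, min_ratio=10.0):
    """Aggregate per (internal src, external dst) and flag pairs that upload
    at least min_bytes_out and send min_ratio times more than they receive.
    Aggregating first catches transfers split across several smaller flows."""
    totals = defaultdict(lambda: [0, 0])
    for src, dst, _port, b_out, b_in in flows:
        if is_internal(src) and not is_internal(dst):
            totals[(src, dst)][0] += b_out
            totals[(src, dst)][1] += b_in
    hits = []
    for (src, dst), (b_out, b_in) in totals.items():
        ratio = b_out / max(b_in, 1)  # avoid division by zero on one-way flows
        if b_out >= min_bytes_out and ratio >= min_ratio:
            hits.append({"src": src, "dst": dst,
                         "bytes_out": b_out, "ratio": round(ratio, 1)})
    return sorted(hits, key=lambda h: h["bytes_out"], reverse=True)


if __name__ == "__main__":
    for hit in find_exfil_candidates(SAMPLE_FLOWS):
        print(hit)
```

Neither upload flow crosses the volume threshold on its own; only the per-destination total does, which is why the check runs on aggregates rather than single records.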


  1. A wise man said something along the lines of "Prevention is ideal, but detection is a must." :) Firmware compromise is but one TTP, but (hopefully) a good detection program will pick up all of them -- if you are that important, they aren't going to use just one.


