Hacking BIOS at CanSecWest Security Conference

Hacking even the most secure data is easier than previously thought. This was evidenced by two researchers at the CanSecWest security conference in Vancouver last week.

The two computer security experts, Xeno Kovah and Corey Kallenberg, exhibited a proof-of-concept, showing hacking BIOS chips, which are microchips containing the firmware of a computer’s motherboard.

“The BIOS boots a computer and helps load the operating system,” Wired explained. “By infecting this core software, which operates below antivirus and other security products and therefore is not usually scanned by them, spies can plant malware that remains live and undetected even if the computer’s operating system were wiped and re-installed. “

The attacks can be levied either through remote exploitation — such as phishing emails — or through “physical interdiction of a system,” Wired reports. The researchers discovered what they called “incursion vulnerabilities,” giving them access to the BIOS. Once the BIOS is compromised, they can grant themselves the highest of system privileges. Then, they are able to gain all sorts of control over the system. This includes the ability to steal passwords as well as surveil other data.

Kovah told Business Insider that of the 10,000 enterprise-grade machines they analyzed, 80% of them had at least one BIOS vulnerability.

Most alarming is that any and all data is up for grabs once the BIOS is compromised. This means encrypted data is accessible — even if the computer user is using privacy-oriented security software.

For example, the researchers said that the Tails system — a widely used OS known for its immense security — could be hijacked. Edward Snowden and Glenn Greenwald use Tails to share data. Kovah and Kallenberg say that their malware could subvert Tails making it possible to gain access to any of its data.

The ramifications for computer security are huge. For one, it was previous thought that only the most well-equipped hacking guns, like deep-pocketed governments, were able to compromise BIOS chips. This was most recently evidenced by findings from the Kaspersky Lab, which discovered a series of attacks targeting computers’ firmware from what appears to be the NSA.

Now, given that Kovah and Kallenberg were able to hack these chips without a billion dollar government budget, things have changed. Already vendors are working on patches to deal with the vulnerability, but there’s no way to know what sort of damage has already been done.

While the vectors for attack are numerous, Kovah and Kallenberg hope their findings bring awareness to how critical firmware security truly is. At the very least, they hope this forces companies to patch their systems. As Kovah explained, even when new patches are issued, “we keep finding new vulnerabilities.”

Shopping Cart
Scroll to Top