The Rise of Firmware Attacks
Government and Enterprise organisations have been modernising their security stack by building layers of integrated controls on top of the operating system and network infrastructure.
From AV, we moved to EDR, and now to XDR and beyond. This has put pressure on the adversaries; forcing them to move faster.
Yet, they have readily adapted, and they are now going even deeper by attacking below the operating system at the firmware and hardware level, (as well as the infrastructure devices themselves ) , to gain indefinite persistence, or worse.
With endless vulnerabilities to exploit, firmware attacks are on the rise.
This talk will:
- Expose recent supply chain and RaaS attacks by both APT's and criminal actors,
- Dive into why they have arisen, and
- Recommend ways to get ahead of them.