What is an UEFI attack and how can it affect your computer?

UEFI_scanner-623x432.jpg

Did you know the world saw the first known attack on UEFI last year? Find out more about what it means for your business

Everyone is familiar with the concept that attackers can launch malicious attacks through email, windows or other software that runs on our laptops; but how can the device itself be a target?

There are many complex elements that make a laptop work, so let’s start at the beginning. When powering on a laptop you’ll see a screen providing startup and hardware options, known as firmware.  It’s built into the device and enables configuration of the hardware, and provides an interface between the hardware and the operating system. This used to be known as BIOS, but a newer standard called Unified Extensible Firmware Interface, or UEFI, provides this interface.

An infection in the UEFI means the attacker has full control over the device and can potentially compromise other devices on the network. And in September 2018 the first known attack on UEFI, known as “LoJax”, was launched via the infamous hacking group Sednit and used to establish a presence on victims’ device.

How can you protect against such a such as infection? There are a few simple steps that will help to keep you and your business safe, including ensuring the device has Secure Boot enabled and keeping the UEFI/BIOS firmware updated. Finally, and perhaps most simply, you can use an anti-malware solution that includes a UEFI Scanner to detect and remove threats.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s