BIOS needs stronger security, say researchers

BIOS needs stronger security, say researchers

The computer industry must build better security into the boot process to create safer systems, according to the US's National Institute of Standards and Technology (NIST).

The basic input/output system (BIOS) in a computer is especially at risk because of the central role it plays within PC, according to the NIST engineers working on the project.

“Unauthorised modification of BIOS firmware by malicious software constitutes a significant threat because of the BIOS’s unique and privileged position within the PC architecture,” NIST said.

“A malicious BIOS modification could be part of a sophisticated, targeted attack on an organisation, either a permanent denial of service (if the BIOS is corrupted) or a persistent malware presence (if the BIOS is implanted with malware).”

As a result, the institute has called for manufacturers and BIOS creators to use a series of measures that it claims would enhance security from the bottom up.

Primarily, NIST demanded building ID verification features into the BIOS to help protect it from attackers.

Hackers could currently abuse the access routes built into systems to allow manufacturers to update system firmware, fix bugs, patch vulnerabilities and support new hardware.

“The guidance calls for using cryptographic digital signatures to authenticate the BIOS updates before installation,” NIST said.

This article originally appeared at pcpro.co.uk

Source: Copyright © PC Pro, Dennis Publishing

See more about:  bios  |  needs  |  stronger  |  security  |  researchers
 
 

Readers of this article also read...

Unboxed: MSI GeForce GTX 780 Lightning 

Unboxed: MSI GeForce GTX 780 Lightning

 
Unboxed: ASUS Z87I-PRO 

Unboxed: ASUS Z87I-PRO

 
Faster, lighter, more juice: meet 20 new laptops with Intel's new chip 

Faster, lighter, more juice: meet 20 new laptops with Intel's new chip

 
Best Android apps this week 

Best Android apps this week

 
First Look: Gigabyte G1.Sniper 5 

First Look: Gigabyte G1.Sniper 5

 

Latest Comments

Latest Competitions

Win! A Silicon Power Gift Pack! 

Win! A Silicon Power Gift Pack!

Complete with 8GB flash drive and 1TB portable hard drive!
 

Latest Poll

What PC component are you planning to upgrade in the next six months










Ads by Google

From our Partners

PC & Tech Authority Downloads