Henry Newman on Firmware, rootkits, and security

Henry Newman has a new post on Enterprise Storage Forum about firmware, rootkits and security:

[…] The issue for both of these hacks was that the chain of custody of the firmware was not tracked.
[…] What I think is really meant is that, in most cases, there is a change in the firmware to allow the device to either boot something that is not what you expected or to run something that you did not expect. It could be firmware on the motherboard (which is also called BIOS) or firmware on peripheral equipment such as a storage controller, network or even the disk or SSD drives. So how would you secure a system against an attack on the basic firmware of the system, whether it be from the inside or outside, or a bit of both?
[…] I think as we move forward, it is time to start asking vendors the following questions:

    1. Who develops your firmware?
    2. Where is it developed (country)?
    3. How is the firmware inspected for malicious or bad code?
    4. Is the firmware being developed for the hardware on systems that are connected to the Internet?
    5. Is the firmware managed with secure hashes to ensure it is not perturbed from creation to loading?
[…] Firmware, I believe, is the next frontier in what is going to be attacked given how hard it is to detect bad firmware. Servers, networks, disks and SSD drives are all at risk unless vendors have a way of securing firmware. A secure firmware supply chain for your critical information – whether you are a small business, health care provider or a large multinational trying to protect your IP – is today, and will be tomorrow, a large challenge. […]

Full article:
http://www.enterprisestorageforum.com/storage-technology/rootkits-and-security.html
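
Question 5 in the excerpt asks whether firmware is tracked with secure hashes from creation to loading. The Python below is an added example, not code from Newman's article or from any vendor: a hash-chained custody log that reports the first stage at which the image stopped matching its creation digest, or at which a log record was edited. The stage names, record fields and sample image bytes are constructed for illustration, and it assumes the records would additionally be signed in a real deployment.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed starting value for the chain


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def entry_hash(entry: dict) -> str:
    body = {k: entry[k] for k in ("stage", "image_sha256", "prev")}  # all but "hash"
    return sha256_hex(json.dumps(body, sort_keys=True).encode())


def append_stage(log: list, stage: str, image: bytes) -> None:
    """Record the digest of the image as seen at this custody stage."""
    prev = log[-1]["hash"] if log else GENESIS
    entry = {"stage": stage, "image_sha256": sha256_hex(image), "prev": prev}
    entry["hash"] = entry_hash(entry)
    log.append(entry)


def first_break(log: list):
    """Return (stage, reason) for the first custody break, or None if intact."""
    if not log:
        return ("<empty>", "no custody records")
    prev, expected = GENESIS, log[0]["image_sha256"]
    for e in log:
        if e["prev"] != prev or e["hash"] != entry_hash(e):
            return (e["stage"], "log record altered")
        if e["image_sha256"] != expected:
            return (e["stage"], "image differs from creation digest")
        prev = e["hash"]
    return None


def demo():
    image = b"\x7fFWIMG constructed sample firmware bytes"  # constructed sample
    tampered = image + b"\x90"  # constructed: one byte changed in transit
    log = []
    for stage, blob in [("build", image), ("vendor-release", image),
                        ("distributor", tampered), ("device-load", tampered)]:
        append_stage(log, stage, blob)
    return log, first_break(log)


if __name__ == "__main__":
    print(demo()[1])
```

The chain only proves where a digest changed if the latest record hash is kept somewhere the party being checked cannot rewrite.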
