Is it possible to stop the damage from a cyberattack after it’s already happened?
In this InTechnology video, Tom and Camille talk with Jorge Myszne. They get into how Root of Trust works, what firmware attacks look like, and how companies can protect themselves from firmware attacks.
How Root of Trust Works
Root of Trust is the first line of defense against firmware attacks. As cyber criminals and security defenses have gotten smarter, attackers now have to go beyond application- and operating system-level attacks in order to get what they want. By using an integrated system of signatures and encrypted data, Root of Trust can indicate whether or not a system’s firmware has been tampered with. The malicious firmware, if left undetected, can lead to a series of security breaches to operating systems and applications—affecting personal and company data. Root of Trust gives end users peace of mind.
What Firmware Attacks Look Like
Firmware attacks come in many shapes and sizes, and they cause serious trouble if they aren’t detected. You can’t simply turn your device off and back on to make them go away. A firmware attack can cause expensive repairs because a computer or server’s physical parts have been compromised.
The tricky part about detecting firmware attacks is they can happen in many different ways. Attackers can get their hands on firmware in the supply chain, remotely through malicious firmware updates, by exploiting vulnerabilities in faulty firmware, and even by physically making alterations once a device is with its end user.
How to Protect Your Company from Firmware Attacks
Right now, there is no reliable way to prevent firmware attacks from happening. What companies can do, however, is use Root of Trust systems to detect if a firmware attack has happened and prevent a device from being used if it has been attacked. Root of Trust is important both in the production and update processes of a device’s lifecycle since firmware attacks can happen at any time.
Jorge Myszne, Co-Founder of Kameleon
Jorge Myszne has over 20 years of experience in the semiconductor, communications, and security industries. Before his career took off, Jorge earned an M.S. in Electrical, Electronics, and Communications Engineering at Universidad de la República in Uruguay. He co-founded the hardware security company Kameleon in 2018. Before Kameleon, Jorge worked at Intel from 2000-2007 in Israel as a Senior Systems Engineer and Manager.
Check it out. For more information, previous podcasts, and full versions, visit our homepage.
To read more about cybersecurity topics, visit our blog.
#rootoftrust #RoT #firmware
The views and opinions expressed are those of the guests and author and do not necessarily reflect the official policy or position of Intel Corporation.
If you are interested in emerging threats, new technologies, or best tips and practices in cybersecurity, please follow the InTechnology podcast on your favorite podcast platforms: Apple Podcast and Spotify.
Follow our hosts Tom Garrison @tommgarrison and Camille @morhardt.
Learn more about Intel Cybersecurity and Intel Compute Life Cycle (CLA).