Hundreds of Millions of PC Components Still Have Hackable Firmware
Research security firm Eclypsium released a report yesterday that included the results from an investigation into PC components. The firm found that despite years of warnings, the large majority of computers contain unprotected firmware, offering attackers a way to maintain a foothold inside your machine. The report stated that network cards, trackpads, Wi-Fi adapters, USB hubs, and webcams all contain firmware that is not updated and lack cryptographic verification.
This means that this firmware could be rewritten without any security check. This firmware could allow any malware that manages to run on a victim computer to exploit the unprotected components and intercept network communications. The attackers could even spy through a webcam that is vulnerable. At its worst, the attacker could hide this malware in obscure components, making mitigation almost impossible.