Last week, Dell issued a new security tool to defend personal computers from BIOS attacks.
As an increasing number of employees turn to work from home, hackers are changing their attack tactics to affect endpoints and reach important data, Dell revealed.
The company expects attackers will likely target the BIOS, a system built deep into the core of personal computers that deals with important operations such as booting the machine and setting up a safe configuration.
David Konetski, Dell fellow and vice president of the client solutions office of the CTO, said: “Previously, for many companies, only a fraction of their workforce was working remotely full time.”
“When most companies’ security systems and processes were originally put in place, they were created to scale but not at the rapid rate we’re experiencing today,” he added.
Some companies are working to accommodate the change by increasing their VPN bandwidth and accessibility. Some are arranging more endpoint technology to help employees be more prolific while working remotely but are letting them use personal devices amid the change. This could enhance security risk by bringing enterprise data onto unsafe devices.
The elevated risk of BIOS-centric attacks isn’t essentially connected to working from home, Konetski clarifies, but to the number of endpoints coming onto the network.
“With the number of endpoints growing, IT and security teams have more devices to manage, making it difficult to monitor for BIOS-level changes,” he says.
BIOS attacks are extremely classy and can give a hacker the keys to all data on the endpoint, including valued credentials. Someone could use a compromised BIOS to move sideways through an enterprise network and target the wider IT infrastructure.
Attackers could do this by employing a method like credential harvesting to gain access to current systems organization tools and interfaces, which could allow them to adapt the BIOS configuration as the first step in the attack chain.
Companies can better protect against these types of attacks if they know when an prowler is moving throughout the network and changing BIOS configurations on worker devices.