BIOS (basic input/output system) is firmware used to perform hardware initialization during the booting process, and to provide runtime services for operating systems and programs. The BIOS firmware comes pre-installed on a personal computer’s system board.
Dell update the information in blog, the Cybercriminals are opportunistic by nature, altering their attack methods to compromise endpoints and access critical data. This is never truer than during times of change such as now with the overnight shift to a global remote workforce. With cybercriminals ramping up activity, organizations need to protect their remote workers starting with the devices they use to get their jobs done.
One area attackers will target is the PC BIOS, the core system built deep inside the PC that controls critical operations like booting the PC and ensuring a secure configuration. To protect against BIOS attacks, organizations need built-in security solutions to protect endpoints.
Also See- Microsoft Open Source Inspector Tool
In response, Dell Technologies is introducing Dell SafeBIOS Events & Indicators of Attack (IoA) to further protect our commercial PCs, which are already the most secure in the industry. SafeBIOS Events and IoA uses behavior-based threat detection, at the BIOS level, to detect advanced endpoint threats.
With remote work increasing security gaps and the high economic pressure for businesses large and small to perform, Dell Technologies is arming customers with security solutions and best practices to better secure their PCs so they can stay focused on serving their end customers.
Dell SafeBIOS Events and Indicators of Attack
As workforces transition to remote work nearly overnight, organizations need to ensure their workers’ PCs are secure, starting below the operating system in the BIOS. Securing the BIOS is particularly critical because a compromised BIOS can potentially provide an attacker with access to all data on the endpoint, including high-value targets like credentials. In a worst-case scenario, attackers can leverage a compromised BIOS to move within an organization’s network and attack the broader IT infrastructure.
Organizations need the ability to detect when a malicious actor is on the move, altering BIOS configurations on endpoints as part of a larger attack strategy. SafeBIOS now provides the unique ability to generate Indicators of Attack on BIOS configurations, including changes and events that can signal an exploit.
When BIOS configuration changes are detected that indicate a potential attack, security and IT teams are quickly alerted in their management consoles, allowing for swift isolation and remediation. SafeBIOS Events & IoA provides IT teams the visibility into BIOS configuration changes and analyzes these for potential threats – even during an ongoing attack.
Detection at this level allows organizations to respond to advanced threats quickly and successfully, interrupting the attack chain before it’s able to do more damage. The SafeBIOS Events & IoA utility is available globally today for download on Dell commercial PCs as part of the Dell Trusted Device solution.