According to Microsoft Corporation’s March 2021 Security Signals Report, 80% of businesses globally were victims of at least one Firmware attack in the past two years. Research also shows that about 29% of organizations/businesses allocate budget to protect Firmware.
–
The survey was conducted on 1,000 leaders operating in the security field of businesses from China, Germany, Japan, the UK and the US. Survey results show that most security investments are for security updates, vulnerability scanning and solutions to protect against information security risks. However, the risk of information insecurity coming from firmware has become a notable issue when 80% of businesses are victims of this attack.
Firmware is a type of computer firmware that provides low-level control over a specific piece of hardware of a device. Nowadays, it is becoming a target for hackers because it contains sensitive information such as authentication information and encryption keys . According to data from the US National Institute of Standards and Technology, there has been a fivefold increase in firmware attacks over the past four years.
The lack of investments focused on firmware protection such as kernel data protection (Kernel) or memory encryption is one of the worrying realities. The report shows that 36% of enterprises invest in hardware-based memory encryption and 46% invest in hardware-based Kernel protection.
Along with that, 21% of decision-makers admitted that they cannot track firmware data. 82% of Microsoft survey respondents admitted they do not have enough resources to allocate to preventing firmware attacks.
The report also highlights the risks of hardware-based attacks, such as the ThunderSpy attack targeting Thunderbolt ports, which uses direct memory access (DMA) to compromise access devices. into the Thunderbolt controller. Fortunately, awareness of firmware risks is increasing, driving more investment in this area.
–
The report also shows that companies from Germany, China, and the United States are ready to invest in security solutions at rates of 81%, 95% and 91%. Among them, companies operating in the financial services sector are not ready to invest in security solutions.
Therefore, to ensure the information and data of businesses, service solutions from cybersecurity companies are always the top choice.
Source: Antoanthongtin.vn
Vina Aspire is a consulting company, providing IT solutions and services, network security, information security & safety in Vietnam. Vina Aspire’s team includes skilled, qualified, experienced and reputable experts and collaborators, along with major domestic and foreign investors and partners to join hands in building.
Businesses and organizations wishing to contact Vina Aspire Company with the following information:
Email: info@vina-aspire.com | Website: www.vina-aspire.com
Tel: +84 944 004 666 | Fax: +84 28 3535 0668
Vina Aspire – Vững bảo mật, trọn niềm tin
