[German]Microsoft has released a security report stating that 83% of all companies have suffered an attack on their device firmware in the last two years. This suggests that security managers in companies should keep an eye on this and secure the systems in this regard.
Advertising
This topic has been sitting in my agenda for a few days now, as I became aware of it days ago via the following tweet on Twitter.
The tweet links to this article with the message: cybercriminals are not only using increasingly sophisticated methods, they are also using new attack vectors and are increasingly targeting firmware. As evidence, Microsoft cites its new Security Signals Report, which examined attack scenarios.
Changing threats
Microsoft notes that threats are changing because much is also "protected by the cloud." Security Signals Report shows firmware attacks in particular are on the rise – and organizations aren't paying enough attention to securing this critical area. The Signals report surveyed 1,000 corporate IT security professionals about security, and 83% of companies have experienced a firmware attack in the past two years, the report says. But only 29% of security budgets would be invested in securing this area.
"There are two types of companies – those that have experienced a firmware attack and those that have experienced a firmware attack but don't know it," warns Azim Shafqat, partner at ISG and former managing vice president at Gartner. The elaboration is a bit of advertising for Microsoft's Secure PC – that's as clear as day. So the whole thing doesn't go unsaid. In the following tweet, however, Brian from Pittsburg counters, and doubts these statements.
Advertising
Well, judge yourself an form your own opinion – I have linked the report.
With Win 10 a self-corrupting OS now, I trust anything coming out of Redmond as far as I can throw a grand piano.
And that includes security statements.
VERY low credibility.