While detecting malicious software hidden in hardware parts is an incredibly complex task, cyber forensics course specialists believe that important steps are being taken to address this attack vector.
Recently, threat actors have refined their
methods to hide malware
within the firmware of hard disks, graphics cards, motherboards and other
commonly used components for the purpose of the antivirus detection software
systems being unable to detect harmful files.
Still, not everything is bad news; cyber forensics
course researchers report the development of a new method for identifying
malicious software at the hardware level. The method is to characterize the
energy use of a system as well as its individual components to determine if
there is a hidden malware and what variant it is.
Cyber forensics course specialists emphasize
that this method would not only be limited to desktop computing equipment, but
will also be able to analyze Internet
of Things (IoT) devices and industrial control systems in search of
malicious software.
It is important to note that many of these
devices do not have an operating system, because they only require executing
the code stored in their memory; therefore, anti-virus detection software
solutions are not functional for this kind of devices.
Specialists from the International Institute of
Cyber Security (IICS) mention that, although this is not a new method, the
novelty lies in the possibility of working on more than one type of
device.
Specialists anticipate that some very
sophisticated malware variants might try to replicate the power consumption registers
of these devices. During the tests, there were times when the investigators
were not able to detect the presence of the malware; however, the data theft by
malware could be reduced between 86 and 97%.
Although not a definitive solution, this
represents an important step in combating malicious hackers with advanced
skills and wide availability of resources.
