What is an UEFI attack and how can it affect your computer?

Next story

Did you know the world saw the first known attack on UEFI last year? Find out more about what it means for your business

Everyone is familiar with the concept that attackers can launch malicious attacks through email, windows or other software that runs on our laptops; but how can the device itself be a target?

There are many complex elements that make a laptop work, so let’s start at the beginning. When powering on a laptop you’ll see a screen providing startup and hardware options, known as firmware.  It’s built into the device and enables configuration of the hardware, and provides an interface between the hardware and the operating system. This used to be known as BIOS, but a newer standard called Unified Extensible Firmware Interface, or UEFI, provides this interface.

An infection in the UEFI means the attacker has full control over the device and can potentially compromise other devices on the network. And in September 2018 the first known attack on UEFI, known as “LoJax”, was launched via the infamous hacking group Sednit and used to establish a presence on victims’ devices.

How can you protect against such a such as infection? There are a few simple steps that will help to keep you and your business safe, including ensuring the device has Secure Boot enabled and keeping the UEFI/BIOS firmware updated. Finally, and perhaps most simply, you can use an anti-malware solution that includes a UEFI Scanner to detect and remove threats.