Adversaries may overwrite or corrupt the flash memory contents of system BIOS or other firmware in devices attached to a system in order to render them inoperable or unable to boot. Firmware is software that is loaded and executed from non-volatile memory on hardware devices in order to initialize and manage device functionality. These devices could include the motherboard, hard drive, or video cards.
|Boot Integrity||Check the integrity of the existing BIOS and device firmware to determine if it is vulnerable to modification.|
|Privileged Account Management||Prevent adversary access to privileged accounts or access necessary to replace system firmware.|
|Update Software||Patch the BIOS and other firmware as necessary to prevent successful use of known vulnerabilities.|
System firmware manipulation may be detected. Log attempts to read/write to BIOS and compare against known patching behavior.