Firmware Exploitation


So, I understand how general exploitation works. For instance, a stack overflow. However, I don’t understand how it’s possible to directly write to firmware within a device.

For those in the cyber security field, we know how easy it is to launch someone’s webcam on their mobile device or laptop remotely using metasploit; however, this can be taken a step further. It’s known that webcams generally turn on a light when the webcam is enabled. It’s also known that there are exploits that “rewrite” firmware to disable this feature. How is this possible, especially without physical access? Can it be done with a script?


4 Answers

Anonymous

It can be done, although because it is relatively technically difficult and because it is beyond the needs of most hackers, it remains relatively rare. Even hackers with the ability to deploy it tend to do so selectively.

However, it is entirely possible. Software needs to interface with firmware on hardware. Any interaction invites manipulation. This is made easier by the fact that with few exceptions there is no cryptographic signing for firmware – effectively a signature enabling the software to check the firmware is legit. Antivirus software does not check firmware. Once infected, any malware is unlikely to be removed.

Added to this is the fact that hardware manufacturers' clients are overwhelmingly manufacturers, not end users. Manufacturers want components that are easy to work with – and increased firmware security tends to make that more difficult.

Obscurity doesn’t work forever and inevitably as the sheer volume of firmware-controlled devices gets connected to the internet such attacks will increase.
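The answer above points at the missing control: a signature that lets the device (or its update software) check that a firmware image really came from the vendor before it is written. The following is an added example, not code from the original thread or from any vendor; it uses Go's standard-library Ed25519 to sign a constructed firmware image in a hypothetical layout (magic, version, payload length, payload, signature) and shows that a copy with a single payload byte changed is rejected. The image format, the `FWIM` magic, the payload text and the version numbers are all assumptions made up for the example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Hypothetical image layout (an assumption for this example, not any vendor's format):
//   magic(4) | version(4, big-endian) | payloadLen(4, big-endian) | payload | signature(64)
var magic = []byte("FWIM")

const headerLen = 12

type Image struct {
	Version uint32
	Payload []byte
}

var (
	ErrMalformed = errors.New("firmware image: malformed")
	ErrBadSig    = errors.New("firmware image: signature verification failed")
	ErrRollback  = errors.New("firmware image: version older than installed")
)

// BuildSignedImage serialises header+payload and appends an Ed25519 signature over them.
// This is the vendor-side step; the private key never leaves the vendor.
func BuildSignedImage(priv ed25519.PrivateKey, img Image) []byte {
	var buf bytes.Buffer
	buf.Write(magic)
	binary.Write(&buf, binary.BigEndian, img.Version)
	binary.Write(&buf, binary.BigEndian, uint32(len(img.Payload)))
	buf.Write(img.Payload)
	buf.Write(ed25519.Sign(priv, buf.Bytes()))
	return buf.Bytes()
}

// VerifyImage parses a signed image and checks its signature against the vendor public key
// (which a real device would keep in ROM/OTP so malware cannot swap it). minVersion is a
// simple anti-rollback check so a signed-but-old vulnerable image cannot be reinstalled.
func VerifyImage(pub ed25519.PublicKey, raw []byte, minVersion uint32) (Image, error) {
	if len(raw) < headerLen+ed25519.SignatureSize || !bytes.Equal(raw[:4], magic) {
		return Image{}, ErrMalformed
	}
	version := binary.BigEndian.Uint32(raw[4:8])
	n := binary.BigEndian.Uint32(raw[8:12])
	if uint64(headerLen)+uint64(n)+ed25519.SignatureSize != uint64(len(raw)) {
		return Image{}, ErrMalformed
	}
	signed := raw[:headerLen+int(n)]
	sig := raw[headerLen+int(n):]
	// Verify before trusting anything inside the payload.
	if !ed25519.Verify(pub, signed, sig) {
		return Image{}, ErrBadSig
	}
	if version < minVersion {
		return Image{}, ErrRollback
	}
	payload := append([]byte(nil), raw[headerLen:headerLen+int(n)]...)
	return Image{Version: version, Payload: payload}, nil
}

// Demo signs a constructed image, then flips one payload byte (the constructed
// "LED on when camera active" setting) and reports whether the tampered copy is refused.
func Demo() (okGenuine bool, rejectsTampered bool) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	img := Image{Version: 3, Payload: []byte("LED_ON_WHEN_CAMERA_ACTIVE=1;")} // constructed
	raw := BuildSignedImage(priv, img)
	_, err := VerifyImage(pub, raw, 2)
	okGenuine = err == nil

	tampered := append([]byte(nil), raw...)
	tampered[headerLen+len("LED_ON_WHEN_CAMERA_ACTIVE=")] ^= 0x01 // '1' -> '0' in the copy
	_, err = VerifyImage(pub, tampered, 2)
	rejectsTampered = errors.Is(err, ErrBadSig)
	return okGenuine, rejectsTampered
}

func main() {
	g, t := Demo()
	fmt.Println("genuine accepted:", g, "tampered rejected:", t)
}
```

The point of the verify-before-parse ordering is that nothing in the payload is interpreted until the signature over header and payload has checked out, and the version check afterwards stops a downgrade to an older signed image. In a real device the public key lives in immutable storage and the check runs in the boot ROM or the update path, which is exactly the piece the answer says most components lack.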
