“This is a technology where, if there’s some sort of
injection of malicious code, then the BIOS can
respond,” explained Stephanie Hallford, vice-
president and general manager of business
client platforms at Intel. “Some versions will have
the ability to communicate between the OS and
BIOS. The OS can also respond and protect
against the attack.”
Unfortunately, there’s not much you can do to
protect existing machines. “You need to replace
critical servers,” Knight said, adding that you will
also need to determine what your critical data is
and where it’s running.
“Intel and AMD are going to need to get on the
ball and democratize this,” Knight said. “As
malware writers get better, hardware vendors will
QHHG�WR�FDWFK�XS�DQG�PDNH�LW�D̆RUGDEOH� ́
THE PROBLEM IS WORSENING
Unfortunately, Knight said that the problem is
only going to get worse. “Crime kits and malware
kits are going to get easier,” she said.
Knight added that the only way for most
companies to avoid the problem is to move their
critical data and processes to the cloud, if only
because cloud service providers can better protect
against this kind of hardware attack. “It’s time to
transfer the risk,” she said.
And Knight warned that at the speed things are
moving, there’s little time to protect your critical
data. “This is going to get turned into a worm,”
she predicted. “It will become some sort of self-
propagating worm.” It’s the future of cyber
W
a
y
n
e
R
a
s
h
As malware
writers get
better, hard-
ware vendors
will need to
catch up and
make it
affordable.
