Drivers and firmware: If a hacker gets access to your operating system’s kernel through a driver and disables both the antivirus and the firewall, what good will it do if the software is updated?

Written by: Technical Program Manager Dan Svendsen

Introduction

Many of us do not realise how important it is to keep our computers’ drivers and firmware up to date. We do update Windows and our antivirus and firewall products, but drivers and firmware are something we tend to overlook.

There are several reasons why it is important to keep your drivers and firmware up to date:

  • Critical security holes are plugged
  • Computers operate more stably
  • Computers have better performance

In particular, Microsoft’s release cycle for Windows 10 requires frequent updating of drivers and firmware for the system to operate stably, because drivers and firmware often follow the Windows version.

Security

At the annual DEFCON hacking conference, which was held in August 2019, the security firm Eclypsium presented the results of a study that documented security holes in more than 40 drivers from at least 20 different providers.

One look at the websites of the major computer manufacturers reveals that every month they release a good many driver updates aimed at plugging security holes.

The largest manufacturers have released more than 30 updates for drivers suffering from critical security holes in the spring of 2020 alone.

Most security holes are plugged shortly after being discovered. For instance, it took the manufacturers only a couple of days after Eclypsium documented the security holes to release updated drivers. This demonstrates, in no uncertain terms, that manufacturers are also aware of the importance of prioritising security in connection with drivers.

There has been an uptick in ransomware attacks of more than 300% from 2018 to 2019!

Even if most ransomware attacks do not directly target driver vulnerabilities, this shows that the need for keeping drivers and firmware up to date has not diminished — quite the reverse.

For example, in 2019, the local government in Baltimore was infected by the ransomware RobbinHood, which takes advantage of a critical driver vulnerability. The attack affected more than 10,000 computers at an overall cost of DKK 120 million.

RobbinHood exploits a critical vulnerability in a kernel driver from Gigabyte — even though the driver is approved and digitally signed by the motherboard manufacturer.

The vulnerability gives the hacker unlimited access to the entire operating system. Once the ransomware shuts down the computer’s security, e.g. antivirus and firewall software, the user-related files on the computer are encrypted, and the user is denied access to them.

Access to the files is only restored if the user pays a “ransom”.

Functionality

Many IT departments have experienced challenges with the combination of Thunderbolt docks and one or more external monitors. The solution in the vast majority of cases has been to upgrade the firmware and drivers.

Likewise, many IT departments have had challenges with the fan in Microsoft Surface, which has run almost constantly. The solution here has also often been to update the firmware and drivers.

Performance & Stability

Drivers and firmware have a significant impact on a computer’s performance and stability, but it is difficult to assess their specific effect. The typical impression is only that the computer “is running better”.

As a specific example, in the summer of 2019, NVIDIA released their Gamescom Game Ready Driver, which improves the performance of some of their graphics cards by up to 23%.

Solutions

Most companies update their hardware drivers when they install a new computer, but there is rarely a focus on keeping drivers up to date afterwards.

There are some third-party products available on the market that can help keep a computer’s drivers up to date, but they primarily target the B2C market.

Many major hardware manufacturers have a separate software tool for managing driver updates, but if a company has hardware from several different manufacturers, these tools can quickly become complicated to administer.
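A vendor-neutral way to see how stale a machine’s drivers and firmware have become after installation is to query the inventory classes built into Windows. The script below is an added example, not CapaSystems code; the 365-day threshold and the output column names are assumptions.

```powershell
# Added example, not CapaSystems code: driver and firmware age inventory.
# Assumption: the 365-day review threshold is arbitrary, not from the article.
param([int]$MaxAgeDays = 365)
$cutoff = (Get-Date).AddDays(-$MaxAgeDays)

# 1) Third-party drivers bound to Plug and Play devices.
$pnp = Get-CimInstance -ClassName Win32_PnPSignedDriver |
    Where-Object { $_.DriverDate -and $_.DriverProviderName -and
                   $_.DriverProviderName -ne 'Microsoft' } |
    Sort-Object InfName, DriverVersion -Unique |
    Select-Object @{n='Source';e={'PnP'}}, @{n='Name';e={$_.DeviceName}},
                  @{n='Vendor';e={$_.DriverProviderName}},
                  @{n='Version';e={$_.DriverVersion}},
                  @{n='Date';e={$_.DriverDate}}, @{n='Signer';e={$_.Signer}}

# 2) Running kernel driver services, which also cover drivers installed by
#    utilities rather than by a device. The signer is recorded but not treated
#    as proof of safety: the driver abused by RobbinHood was validly signed.
$svc = Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.State -eq 'Running' -and $_.PathName } |
    ForEach-Object {
        $path = $_.PathName -replace '^\\\?\?\\', ''   # strip NT path prefix
        if (-not (Test-Path -LiteralPath $path)) { return }
        $info = Get-Item -LiteralPath $path
        if ($info.VersionInfo.CompanyName -match 'Microsoft') { return }
        [pscustomobject]@{
            Source  = 'Service'
            Name    = $_.Name
            Vendor  = $info.VersionInfo.CompanyName
            Version = $info.VersionInfo.FileVersion
            Date    = $info.LastWriteTime   # proxy: file time, not build date
            Signer  = (Get-AuthenticodeSignature -LiteralPath $path).SignerCertificate.Subject
        }
    }

# 3) Firmware (BIOS/UEFI) version and release date, in the same row shape.
$fw = Get-CimInstance -ClassName Win32_BIOS |
    Select-Object @{n='Source';e={'Firmware'}}, @{n='Name';e={$_.Name}},
                  @{n='Vendor';e={$_.Manufacturer}},
                  @{n='Version';e={$_.SMBIOSBIOSVersion}},
                  @{n='Date';e={$_.ReleaseDate}}, @{n='Signer';e={$null}}

# Everything older than the threshold, oldest first, as a worklist to compare
# against the hardware vendors' security advisories.
@($pnp) + @($svc) + @($fw) |
    Where-Object { $_.Date -lt $cutoff } |
    Sort-Object Date
```

Age is only a triage signal: an old driver is not necessarily vulnerable and a recent one is not necessarily fixed, so the worklist still has to be checked against the vendors’ advisories.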

At CapaSystems, we have developed a unique service that targets the B2B market and uses a technology that is already built into Windows, and we call it CapaDrivers!

References

https://support.hp.com/th-en/document/c06599195

https://support.lenovo.com/dk/en/solutions/ht508988

https://www.nvidia.com/en-gb/geforce/news/gamescom-2019-game-ready-driver/

https://eclypsium.com/2019/08/10/screwed-drivers-signed-sealed-delivered/

https://en.wikipedia.org/wiki/2019_Baltimore_ransomware_attack

https://blog.malwarebytes.com/reports/2019/08/labs-quarterly-report-finds-ransomwares-gone-rampant-against-businesses/
