BIOS rootkit

(also basic input/output system rootkit)

BIOS rootkit definition

A BIOS rootkit is a type of programming in a system’s memory that enables remote administration. While it has legitimate purposes like digital rights management, it’s also used for nefarious purposes. A BIOS cyberattack would give the attacker complete control of the device.

BIOS rootkit attack examples

In 2021, researchers found a series of vulnerabilities affecting approximately 30 million Dell devices that could give attackers complete control over the devices. The bugs were later patched, and it’s unclear whether or how any devices were attacked.

In 2013, a leaked catalog revealed that the NSA used BIOS hacking as one of its attack tools. The technique provides software application persistence by attacking the motherboard BIOS.

Stopping a BIOS rootkit attack

Keep your systems up to date. Since BIOS vulnerabilities usually reside with the device’s manufacturer, updating devices is the most reliable way to prevent attacks.

Reinstall your operating system. Depending on the type of rootkit, reinstalling your operating system may clean the infected device.

Use third-party tools such as antivirus and anti-rootkit applications. Try several different tools because just one may not be enough to remove the rootkit.

Wipe your system. In the case of firmware or boot or kernel rootkits, third-party software may be ineffective.
