Phlashing
Phlashing
(also permanent denial-of-service attack, PDoS, phlashing attack)
Phlashing definition
Phlashing is a cyberattack that aims to “brick” (make completely useless, akin to a brick) the target system by destroying its firmware or hardware. By overwriting critical system files or settings, the hacker ensures that the system will not be able to function even after restarting.
The term “phlashing” is derived from the word “flashing,” which refers to overwriting the firmware of a device. Phlashing attacks are relatively rare compared to other types of cyberattack because they rarely benefit the attacker directly — they do not steal any sensitive data or lock down a system for ransom.
See also: cyberattack, firmware, buffer overflow attack
Common types of phlashing
- Firmware corruption: By exploiting vulnerabilities in the system’s firmware, the attacker can overwrite it or corrupt it. Firmware corruption may be accomplished by such techniques as buffer overflow or injection of malicious firmware updates.
- Hardware manipulation: If the attacker has physical access to the target system, they may destroy it or damage critical components (such as integrated circuits or memory chips).
- Configuration tampering: An attacker may modify the device’s critical parameters or configuration settings to disrupt its normal operations.
Stopping phlashing attacks
- Update firmware regularly to patch out discovered vulnerabilities that attackers might exploit.
- Limit physical access to devices to prevent direct hardware manipulation — for example, you may want to implement security checks for people entering the premises.
- Use intrusion detection systems and firewalls to protect your network from unauthorized attempts to update firmware remotely.