But on closer examination it looks like Redmond has some new toy to sell and that is the reason why it has started the talk about firmware security.
The software behemoth claimed in a study done for it by Security Signals, in the US, UK, Germany, Japan and China and covering 1000 tech decision-makers, that 80% of the firms had seen at least one firmware attack in the last two years. Yet, only 29% of security budgets were devoted to protecting firmware.
I've been really steering clear of the "firmware attacks" claims...i don't believe the community would even agree on what "firmware" is, let alone be able to distinguish attacks on firmware. Embedded OS's aren't traditionally "firmware".
— nluedtke (@nluedtke1) April 6, 2021
BBC business reporter Mary-Ann Russon wrote: "However, the new report comes on the back of a recent significant security vulnerability affecting Microsoft's widely-used Exchange email system.
|
|
"So is this just an attempt to divert attention and sell more PCs, or should businesses be more worried?"
Kevin Beaumont, a Microsoft researcher and a well-known security figure, pointed out in a tweet that some of his CISO friends did not seem to know what firmware was.
"I did a poll of some CISO friends about if they've been hit with firmware attacks, and most said yes," he wrote.
"So I asked for details. They had VPNs (e.g. Pulse Secure), WAFs etc owned, and needed to 'firmware upgrade', vendor description. Actually software upgrade to an appliance."
And he added: "Linux appliance upgrades have been termed by vendors as firmware upgrades, when really it's OS and software upgrades."
Towards the end of the study, the reason why Microsoft was going on and on about firmware security became apparent.
"With our partners, Microsoft has created a new class of devices specifically designed to eliminate threats aimed at firmware called Secured-core PCs," the Microsoft Security Team wrote.
"This was recently extended to Server and IOT announced at this year’s Microsoft Ignite conference.
"With Zero Trust built in from the ground up, this means security device managers will be able to invest more of their resources in strategies and technologies that will prevent attacks in the future rather than constantly defending against the onslaught of attacks aimed at them today."
And to drive home the point, the Microsoft post said: "The SDMs in the study who reported they have invested in secured-core PCs showed a higher level of satisfaction with their security and enhanced confidentiality, availability, and integrity of data as opposed to those not using them."
I have always referred to Microsoft as a marketing company first, and then a technology company. Posts like this tend to justify that conclusion.
