"Exclusive: CISA Sounds the Alarm on UEFI Security"
The Cybersecurity and Infrastructure Security Agency (CISA) is calling for improved security for Unified Extensible Firmware Interface (UEFI) update mechanisms in the wake of the debacle of mitigating the BlackLotus bootkit. CISA urges the computer industry to adopt a secure-by-design approach to improve the overall security of UEFI, the firmware responsible for a system's boot-up routine. UEFI comprises several components: security and platform initializers, drivers, bootloaders, and a power management interface. According to Jonathan Spring, senior technical advisor at CISA, secure-by-design is about having the companies that create the software take responsibility for its security, which includes the update pathways. Threat actors can gain a high level of persistence on a device if UEFI is loaded with malicious code. That code will launch before the operating system or any security software, making it invisible to most incident response strategies and operating system-level defenses, as well as resistant to system reboots. This article continues to discuss the importance of improving UEFI security.
Dark Reading reports "Exclusive: CISA Sounds the Alarm on UEFI Security"