Hardware Vulnerabilities - CompTIA Security+ SY0-701 - 2.3

Hardware Vulnerabilities

• We are surrounded by hardware devices

- Many do not have an accessible operating system

• These devices are potential security issues

- A perfect entry point for an attack

• Everything is connecting to the network

- Light bulbs, garage doors, refrigerators, door locks

- IoT is everywhere

• The security landscape has grown

- Time to change your approach

Firmware

Software that is permanently stored in a chip. The BIOS on a motherboard is an example of firmware.

Vendors are the only ones who can fix their hardware

Trane Comfortlink II thermostats

- Control temperature from your phone

- Trane notified of 3 vulnerabilities in April 2014

- Two patched in April 2015, one in January 2016

End of Life (EOL)

- Manufacturer stops selling a product

- May continue supporting the product

- Important for security patches and updates

EOSL

- Manufacturer stops selling a product

- support is no longer available for the product

- No ongoing secuirty patches or updates

- May have a premium-cost support option

Technology EOSL is a significant concern

- Security patches are part of normal operation

Legacy Platforms

Some devices remain installed for a long time

- Perhaps too long

Legacy devices

- Older operating systemsm applications, middleware

May be running end-of-life software

- the risk needs to be compared to the return

May require additional security protections

- Additional firewarll rules

- IPS signatures for older operating systems