New attack methods can 'brick' systems, defeat Secure Boot, researchers say

Security researchers from Mitre found new ways to defeat the Secure Boot feature in UEFI and install boot-level rootkits

The Secure Boot security mechanism of the Unified Extensible Firmware Interface (UEFI) can be bypassed on around half of computers that have the feature enabled in order to install bootkits, according to a security researcher.

At the Hack in the Box 2014 security conference in Amsterdam, Corey Kallenberg, a security researcher from nonprofit research organization Mitre, also showed Thursday that it's possible to render some systems unusable by modifying a specific UEFI variable directly from the OS, an issue that could easily be exploited in cybersabotage attacks.

UEFI was designed as a replacement for the traditional BIOS (Basic Input/Output System) and is meant to standardize modern computer firmware through a reference specification that OEMs and BIOS vendors can use. However, in reality there can be significant differences in how UEFI is implemented, not only across different computer manufacturers, but even across different products from the same vendor, Kallenberg said.

Last year, researchers from Intel and Mitre co-discovered an issue in UEFI implementations from American Megatrends, a BIOS vendor used by many OEMs, Kallenberg said. In particular, the researchers found that a UEFI variable called Setup was not properly protected and could be modified from the OS by a process running with administrative permissions.

Modifying the Setup variable in a particular way allowed the bypassing of Secure Boot, a UEFI security feature designed to prevent the installation of bootkits, which are rootkits that hide in the system's bootloader and start before the actual OS. Secure Boot works by checking if the bootloader is digitally signed and on a pre-approved whitelist before executing it.

Bootkits have been a serious threat for years. In 2011, security researchers from Kaspersky Lab said TDL version 4, a malware program that infects the computer's master boot record (MBR), had infected over 4.5 million computers and called it the most sophisticated threat in the world. McAfee reported in 2013 that the number of malware threats that infect the MBR had reached a record high.

Aside from bypassing Secure Boot, the unprotected Setup variable can also be used to "brick" systems if the attacker sets its value to 0, Kallenberg revealed Thursday for the first time. If this happens, the affected computer will not be able to start again.

Recovering from such an attack would be hard and time consuming because it involves reprogramming the BIOS chip, which requires manual intervention and specialized equipment, the researcher said.

The attack could be launched from the OS by malware running with administrative privileges and could potentially be used to sabotage an organization's computers. It wouldn't be the first time when such destructive attacks occur.

In April 2012 Iran's oil ministry and the country's state-owned oil companies were hit with data-wiping malware that deleted information from some of their systems. A few months later, in August, a hacker group used malware to disable 30,000 workstations belonging to Saudi Aramco, the national oil company of Saudi Arabia.

Aside from the Setup variable issue, which American Megatrends has since fixed, Kallenberg presented another way to bypass Secure Boot which stems from OEMs not using a security mechanism called SMI_LOCK in their UEFI implementations.

The absence of this protection feature allows code running inside the kernel, like a system driver, to temporarily suppress SMM (System Management Mode) and add a rogue entry into the list of pre-approved bootloaders trusted by Secure Boot. When the system is then rebooted, the malicious bootloader would be executed with no Secure Boot error.

Researchers from Mitre developed a Windows software agent called Copernicus that can analyze the system's BIOS/UEFI and report the different security features it uses. They ran the tool in their organization across 8,000 systems and found that around 40 percent of them did not use the SMI_LOCK protection.

Those results are not representative across many OEMs, because Mitre uses a large number of Dell systems in particular, Kallenberg said, but the effort was expanded outside of the organization and around 20,000 systems have now been scanned. The goal is to scan 100,000 systems and then release a report, the researcher said.

Another issue is that even if OEMs release BIOS updates with SMI_LOCK protection in the future and customers install them, Kallenberg estimates that on 50 percent of systems it would be possible for an attacker to flash back an older, unprotected BIOS version from inside the OS.

Pulling off the SMM suppression attack requires access to kernel mode, also known as ring 0, but that's not necessarily a big issue for attackers, Kallenberg said. If an attacker manages to execute malware as a user process with administrative privileges -- for example by exploiting a vulnerability in other software applications or in the operating system itself -- he could install an older digitally signed driver from a legitimate hardware manufacturer that's known to have a vulnerability. Since the driver runs in kernel space, he could then exploit the vulnerability to execute malicious code with ring 0 privileges, the researcher said.

There are also other chipset dependent ways to suppress SMM and modify the Secure Boot whitelist that are still being investigated, but are not ready to be publicly disclosed yet, Kallenberg said.

Over the past year OEMs have started to pay a lot more attention to BIOS security research and have started to react, Kallenberg said. "I think we're finally at a place where you'll see OEMs take this more seriously."

Investigating BIOS security issues in the past was very hard for researchers because specialized BIOS debugging equipment that makes analysis easier costs US$20,000, Kallenberg said. However, the openness of UEFI allows more researchers to look into these problems and, hopefully, over the next few years the most obvious vulnerabilities will be identified and fixed, he said.

Join the CSO newsletter!

Error: Please check your email address.

Tags patchessecurityMitreDesktop securityExploits / vulnerabilitiesAmerican MegatrendsintelspywaremalwareDellintrusion

More about DellIntelKasperskyKasperskyMcAfee Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lucian Constantin

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts