Episode Transcript
0:02
You're listening to the CyberWire Network powered by N2K.
0:04
The word is UEFI. The word is UEFI. The word is UEFI. The word is UEFI. The word is UEFI or System.
0:50
Example sentence. UEFI provides enhanced control, security, and manageability of the system's start-up process.
1:01
Origin and Context.
1:09
In the 1980s, the personal computer boot process goes through two stages: a power-on self-test, or POST, hardware phase that ensures the necessary components are present and functioning properly, and a basic input-output system, or BIOS, software phase that tells the CPU how to load the operating system.
1:31
By the late 1990s, Intel, the chip manufacturer, and other vendors started working on ways to add more functionality to the BIOS software stage and to overcome the limitations of the original design.
1:41
By the mid-2000s, hardware and software vendors formed the UEFI Forum to advance innovation in firmware technology standards.
1:50
The question is, what happens if adversaries compromise the interface? That situation would give malicious teams an almost invisible persistence, a stealth beachhead, to begin traversing the intrusion kill chain.
2:03
Since the boot process runs the UEFI program before the operating system loads, the traditional endpoint protection solutions like antivirus and EDR, or endpoint detection and response, can't completely eradicate a compromised UEFI system. Those prevention controls aren't running during the boot process.
2:24
Even after the boot, if they detected clues that hackers compromised the interface and succeeded in deleting the associated artifacts, the compromised UEFI program would just reestablish itself at the next reboot.
2:36
There are ways to harden the UEFI system to reduce the likelihood of compromise, but they can't be implemented while the operating system is running. That installation friction prevents many PC owners from deploying them.
2:49
Nerd reference.
2:57
According to Andy Greenberg at Wired Magazine, the CIA may have been the first nation state to get caught using this technique, and also proved that some of their developers are Doctor Who fans.
3:08
The Vault 7 cache of secret CIA documents, released by WikiLeaks in March of 2017, describes a series of hacker tools for a UEFI attack. One, called the Sonic Screwdriver in a nod to British television's long-running sci-fi show, modified the firmware of a standard Apple Thunderbolt to Ethernet adapter that tricked a Mac into booting its operating system from a spoofed network source that the adapter impersonates.
3:35
According to Craig Elby at the Screen Rant website, the current iteration of the Time Lord's Sonic Screwdriver is, quote, a weapon, a tool, a scanner, and a plot device all rolled into one convenient package, unquote.
3:51
But when it was first introduced in 1968, it was literally just a screwdriver used by the good doctor to repair a broken pipe, and looked like a small metallic pencil with a light at the end.
4:01
With all of that said, at least we know that somebody in the CIA is a Doctor Who fan.