New way to detect the malware hidden in hardware

While detecting malicious software hidden in hardware parts is an incredibly complex task, cyber forensics course specialists believe that important steps are being taken to address this attack vector.

Recently, threat actors have refined their methods to hide malware within the firmware of hard disks, graphics cards, motherboards and other commonly used components for the purpose of the antivirus detection software systems being unable to detect harmful files.

Still, not everything is bad news; cyber forensics course researchers report the development of a new method for identifying malicious software at the hardware level. The method is to characterize the energy use of a system as well as its individual components to determine if there is a hidden malware and what variant it is.

Cyber forensics course specialists emphasize that this method would not only be limited to desktop computing equipment, but will also be able to analyze Internet of Things (IoT) devices and industrial control systems in search of malicious software.

It is important to note that many of these devices do not have an operating system, because they only require executing the code stored in their memory; therefore, anti-virus detection software solutions are not functional for this kind of devices.

Specialists from the International Institute of Cyber Security (IICS) mention that, although this is not a new method, the novelty lies in the possibility of working on more than one type of device. 

Specialists anticipate that some very sophisticated malware variants might try to replicate the power consumption registers of these devices. During the tests, there were times when the investigators were not able to detect the presence of the malware; however, the data theft by malware could be reduced between 86 and 97%.

Although not a definitive solution, this represents an important step in combating malicious hackers with advanced skills and wide availability of resources.