American tech company Dell introduced on Friday a new security tool developed to protect the global remote workforce from potential cyberattacks. The product, called Dell SafeBIOS Events & Indicators of Attack (IoA), works as a built-in security solution that helps PC users identify advanced endpoint threats conducted by unauthorized parties.
In a press release, the company noted that cybercriminals are now “altering their attack methods to compromise endpoints and access critical data.” The PC BIOS, especially, has been identified to be an area in PCs threat actors are likely to target.
To prevent this from happening and provide remote workers with a built-in security solution, Dell developed the Dell SafeBIOS Events & Indicators of Attack (IoA), which utilizes behaviour-based threat detection at the BIOS level.
“As workforces transition to remote work nearly overnight, organizations need to ensure their workers’ PCs are secure, starting below the operating system in the BIOS,” the release explained. “Securing the BIOS is particularly critical because a compromised BIOS can potentially provide an attacker with access to all data on the endpoint, including high-value targets like credentials.
In a worst-case scenario, attackers can leverage a compromised BIOS to move within an organization’s network and attack the broader IT infrastructure.”
BIOS, or Basic Input Output System, is the software responsible for handling a PC’s system setup process. Primarily, it is used by the device’s microprocessor to get the computer system started.
Among its other functions include data flow management and configuration of attached devices, such as the hard disk, video adapter, keyboard, mouse, and other related equipment.
When infected, BIOS can provide threat actors with immediate access to stored data. Since this area is also not often scanned by antivirus and other security products, cybercriminals can easily plant malware into the software without the risk of being detected.
With Dell’s latest tool, which operates at the BIOS level, PC users can detect when a malicious actor is on the move. This signal enables organizations with a remote workforce to respond and interrupt the attack.
“When BIOS configuration changes are detected that indicate a potential attack, security and IT teams are quickly alerted in their management consoles, allowing for swift isolation and remediation. SafeBIOS Events & IoA provides IT teams the visibility into BIOS configuration changes and analyzes these for potential threats – even during an ongoing attack,” the company explained.
