83% of businesses have experienced firmware attacks recently

Reading time icon 2 min. read


Readers help support Windows Report. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help Windows Report effortlessly and without spending any money. Read more

Key notes

  • Enterprise firmware security is more vulnerable today than it was last year, Microsoft says.
  • Attackers have refined their strategies and companies don't invest in prevention measures.
  • 83% of the companies have been through a firmware attack recently; many don't even know they have been targeted.
  • Microsoft has launched a secured-core class of devices that provide kernel security out of the box.
increase in firmware attacks

Cyberattacks on corporate firmware have intensified over the past two years, according to a study commissioned by Microsoft.

More than 80% of enterprises have experienced at least one firmware attack in the past two years, but only 29% of security budgets are allocated to protect firmware.

Firms do invest in monitoring network vulnerabilities and scanning techniques; but one of the reasons for the alarming mentioned numbers would be that firmware is more difficult to monitor, Microsoft says.


Why are firmware attacks more appealing for hackers?

why are attacks on firmware successful

In terms of effort, attacks on software are easier to finalize. However, hackers prefer targeting firmware because, if successful, they guarantee access to a company’s credentials and encryption keys. And the damage is considerably more substantial.

Given the increased security measures taken by companies recently, attackers have also invested more time in perfecting their strategies.

As a result, many companies don’t even know they have been exposed to such a security breach so they don’t particularly take appropriate measures.

How to prevent attacks on firmware?

prevent firmware attacks

To prevent these types of attacks, enterprises should focus on using Kernel data protection (KDP) and memory encryption solutions. These techniques work by blocking malware from accessing kernel memory.

However, only 36% of businesses invest in hardware-based memory encryption and less than half (46%) are investing in hardware-based kernel protections, the study says.

So companies spend more time and resources on post-attack measures than on designing prevention strategies, which the source rates as outdated methods

The main reason for these trends would be the lack of automation. Consequently, Microsoft proposes a new class of devices called Secured-core PCs, with a zero-trust build core that prevents attacks on firmware from the very beginning.

Secured-core PCs have already been delivered to some companies with positive results. Microsoft has partnered with AMD and Intel to include this technology on their devices.

As a result, more than 100 secured-core devices from brands such as Acer, Dell, HP, Lenovo, or Panasonic are available on the market today. The number will surely go higher in the near future.

More about the topics: Cybersecurity