"We at Intel take hybrid software-hardware threats and exploits seriously. We have closely monitored both academic proofs of concept and in-the-wild cases of malware with firmware or BIOS manipulation capabilities, and these Equation Group firmware attacks rank as some of the most sophisticated threats of their kind," said Weafer. "While such malware has historically been deployed for highly-targeted attacks, enterprises should prepare themselves for the seemingly inevitable 'off-the-shelf' incarnations of such threats in the future."
McAfee Labs advises that organisations take steps to strengthen threat detection at the known initial attack vectors, such as phishing messages with malicious links and malware-infected USB drives and CDs, as well as consider solutions that can help prevent data exfiltration.
Sign up for CIO Asia eNewsletters.