Microsoft has published a security report that states that 83% of all companies have been attacked in the firmware of devicethem in the last two years.
This shows us that security managers in companies need to be constantly on the lookout for specific attacks and secure their systems.
The subject aroused my curiosity when I saw the following tweet
We commissioned a study that found that more than 80% of enterprises have experienced at least one firmware attack in the past two years. Learn more about the findings and options for securing firmware and hardware with secured-core PCs: https://t.co/9C9bxlPQQL
- Microsoft Security (@msftsecurity) March 30, 2021
The tweet is linked to a company article which has as its title: “New Security Signals study shows firmware attacks on the rise? here's how Microsoft is working to help eliminate this entire class of threats”.
As proof, Microsoft cites its new Security Signals report, in which it examines scenarios attacks.
Microsoft says threats are changing because many systems are protected by the cloud. The "Security Signals" report indicates that firmware attacks are on the rise - and companies are not paying enough attention to safeguarding them. The Security Signals report surveyed 1.000 corporate security professionals and reported that 83% of companies have been hit by firmware attacks in the past two years. But according to the same report, only 29% of security budgets will be invested in safeguarding these attacks. Of course the company promotes Secured-Core PCs
“There are two types of companies – those that have had a firmware attack and those that have had a firmware attack but don't know it,” says Azim Shafqat, ISG partner and former vice president Gartner.
It should be mentioned here that the company's publication is a bit advertising since it mentions how secure Microsoft services are. So because I'm probably not the only one who thought that 83% is a very high percentage see the following tweet
No, 81% of enterprises have not experienced a PC firmware attack of the kind Secured-Core PCs are supposed to make harder in the last two years. I would bet my life on it.
- Brian in Pittsburgh (@arekfurt) March 30, 2021
These claims are so misleading as to effectively amount to lying. pic.twitter.com/hpQwO9Ouxf
Brian in Pittsburgh reports
"No, 81% of companies have not been attacked by firmware… .. I bet my life on it.
"These allegations are so misleading that they are tantamount to lies."