Vulnerabilities expose Supermicro servers to virtual USB attacks

A report by network security experts states that threat actors can exploit some recently found vulnerabilities in remote management devices to insert a virtual storage drive into a target system. In other words, using this method of attack, hackers can turn any USB device into a virtual Trojan.

The experts, members of security firm Eclypsium, have reported vulnerabilities in some Supermicro baseboard management controllers (BMCs), which are special processors installed on some motherboards to ensure that users are protected at the hardware level remotely.

This kind of protection is required when system administrators need to perform activities such as loading old software onto a server from a CD, or upgrading an operating system from an image on an external hard drive. These controls facilitate such activities without requiring anything to be physically connected to the server, network security specialists mentioned.

When administrators want to virtually connect a USB device to the server, they typically use virtual media web applications from any location, taking advantage of hardware access controls. However, experts found that the protections enabled in this process are vulnerable to multiple types of cyberattacks. “A system can incorrectly store legitimate administrator logins, allowing the next user to enter any credential and gain access,” the experts mentioned. In addition, the researchers mentioned that the error persists even if the login page unexpectedly closes; in this case, attackers can attempt to log in with Supermicro default login credentials, as administrators often skip changing them.

The company was notified of these vulnerabilities last June. In response, Supermicro released firmware updates for all affected baseboard management controllers. “We want to thank the researchers for reporting these vulnerabilities; new versions of the BMC software will address the reported flaws,” a company spokesman said. However, experts note that these updates can take time to reach all users, so many are likely to still be exposed to these flaws.

According to network security experts, the complex part of this attack for hackers is gaining access to an internal network; if they accomplish that, hacking a BMC is a much easier step. In addition, the cybersecurity community had not considered hacking a BMC a real risk to a company’s operations until now.

However, this is not the first research of its kind. About a year ago, network security experts from the International Institute of Cyber Security (IICS) reported that multiple Supermicro baseboards around the world were exposed to the installation of a physical backdoor supposedly designed and installed by the Chinese government for espionage purposes against some American tech companies and government institutions, such as intelligence agencies. The company, like some of its competitors, denied the accusations, but the matter has not ceased to worry thousands of experts around the world.
