Threat Category: Boot firmware
ID: STA-16
Threat Description: Firmware malware is not present in the operating system and runs before the OS loads and targets OS components in order to modify or subvert their behavior. Bootkits execute early in the system boot and have the ability to remain undetected and be persistent, surviving hard drive reformatting or OS reinstallation.1
Threat Origin
Not Applicable, See Exploit or CVE Examples
Exploit Examples
Not Applicable
CVE Examples
Possible Countermeasures
References
C. Puodzius, UEFI malware: How to exploit a false sense of security, WeLiveSecurity, blog, 19 Oct. 2017; https://www.welivesecurity.com/2017/10/19/malware-firmware-exploit-sense-security [accessed 12/02/2019] ↩