Cybersecurity

Researchers have a new method to detect malware hidden in hardware components

The big picture: Software is not always able to find malicious code hidden in firmware of hardware components. Detecting hardware-based hacks is incredibly difficult, but progress is being made to thwart the effectiveness of such attacks.

In an age where Spectre and Meltdown CPU flaws have become prominent, these bugs only scratch the surface of what hackers and tinkerers have been looking at for years. Hiding malware inside of firmware within hard drives, motherboards, graphics cards, and other common components can make it impossible for OS-level software to find any anomalies.

Even though malware developers have gotten even sneakier by implanting malicious code into embedded firmware, researchers from North Carolina State University and the University of Texas at Austin have developed a reliable method of identifying such intrusions. By characterizing the power usage of a system and each of the components within it, the type of malware present can be determined. Research was sponsored by Lockheed Martin and the National Science Foundation.