Skip to main content

Companies need to up their hardware security now, or risk attack

(Image credit: Image source: Shutterstock/lolloj)

Businesses need to up their ante when it comes to cybersecurity or face dire consequences, according to a new report by Dell EMC. 

The company says that hackers have worked “just as hard – if not harder” and started attacking devices at silicon level, creating a whole new world of risk.

Organisations need to realise the threats they are facing and act accordingly, or face downtime, loss of consumer trust, government fines and mounting expenses.

Dell EMC’s latest report says that almost two thirds (63 per cent) of organisations suffered at least one data breach in the last 12 months, as a result of an exploited vulnerability in hardware. Almost half (47 per cent) suffered at least two hardware-level attacks.

The report explains that hardware-level breaches can be carried out by targeting software vulnerabilities, web applications attacks and strategic web compromises.

Some two thirds (63 per cent) of respondents understand their hardware supply chain could easily be compromised, but at the same time, just above half (59 per cent) have an implemented hardware supply chain security strategy.

While the majority see BIOS and firmware flaws highly worrying, not all feel the same about vulnerabilities at silicon level.

Without a consistent approach to security at both hardware and software level, organisations could face loss of data, loss of funds and loss of competitive advantage.

Dell EMC’s report concludes that the validation of chip manufacturers, as well as the validation of the supply chain are essential to mitigating threats at the hardware level. Almost half of the respondents said they’re adopting and investing in supply chain validation initiatives, while almost a third (30 per cent) plan on doing so within the year. More than a third wants to do it next year.

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.