55.1 F
Washington D.C.
Sunday, December 3, 2023

NSA and CISA Release Guide to Protect Baseboard Management Controllers

Baseboard management controllers (BMCs) are common components of server-class computers. Malicious cyber actors could use these controllers’ capabilities to compromise industry and government systems.

“Implementation of effective security defenses for these embedded controllers is frequently overlooked,” said Neal Ziring, the Technical Director for NSA’s Cybersecurity Directorate. “The firmware in these controllers is highly privileged. Malicious actors can use the firmware’s capabilities to remotely control a critical server while bypassing traditional security tools.”

Organizations need to take action to secure servers with BMCs. To assist network defenders in this, NSA and the Cybersecurity and Infrastructure Security Agency (CISA) jointly released the Cybersecurity Information Sheet, “Harden Baseboard Management Controllers.” The guidance includes recommendations and mitigations for network defenders to secure their systems.

A BMC is an embedded component that runs independent of the server’s operating system (OS). Once powered up, a BMC’s capabilities persist even if the server is shut down.

BMCs are beneficial for system administrators as they provide remote access to servers’ resources for network configuration and management. In addition, BMC enterprise management solutions allow administrators to handle large numbers of servers remotely. Cyber actors can abuse these capabilities in a variety of ways, including to:

  • Disable security solutions, such as Trusted Platform Module (TPM) and Unified Extensible Firmware Interface (UEFI) Secure Boot.
  • Manipulate data on any attached storage media.
  • Propagate implants or disruptive instructions across a network infrastructure.

NSA and CISA recommend system owners and network defenders implement the mitigations listed in the report, including:

  • Hardening BMC credentials and configurations
  • Monitoring BMC integrity and updating BMCs
  • Establishing virtual network separation to isolate BMC network connections

Read the full report here.

Read more at NSA

Homeland Security Today
Homeland Security Todayhttp://www.hstoday.us
The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Related Articles

- Advertisement -

Latest Articles

Verified by MonsterInsights