The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released joint guidance on hardening baseboard management controllers (BMCs).
The document, published Wednesday, aims to address an overlooked weakness in BMCs that could serve as an entry point for malicious actors looking to compromise critical infrastructure systems.
To explain, a BMC is a critical component built into server hardware that facilitates remote management and control. BMCs operate independently of the host operating system and firmware, so an administrator retains control even when the system is powered off.
However, these devices are attractive targets for malicious attackers due to their high privilege level and easy network access.
The joint guidance emphasizes the importance of taking proactive measures to protect and maintain BMCs effectively, adding that many organizations fail to implement even minimal security practices.
These shortcomings can allow threat actors to use BMCs as entry points for a variety of cyberattacks, including disabling security solutions, manipulating data, and propagating malicious instructions throughout the network infrastructure.
To address these concerns, CISA and NSA recommend several important steps, including securing BMC credentials, enforcing VLAN isolation, hardening configurations, and performing regular BMC update checks.
The two agencies further state that organizations should monitor BMC integrity, move sensitive workloads to hardened devices, regularly use firmware scanning tools, and treat unused BMCs as potential security risks.
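As an added illustration (not part of the CISA/NSA guidance and not code from either agency), the script below audits a constructed BMC inventory against several of the recommendations just listed: it flags controllers that sit outside an assumed dedicated management VLAN (`10.99.0.0/24`), controllers running firmware below an assumed vendor baseline (`2.86`), controllers still carrying a factory password according to the inventory record, and controllers with no administrative login in more than 90 days, which the guidance suggests treating as candidates for disablement. The inventory fields, subnet, firmware baseline and inactivity window are all assumptions chosen for the example.

```python
from dataclasses import dataclass
from datetime import date
import ipaddress

# Assumed policy values for this example; adjust to the site's own baseline.
MGMT_NET = ipaddress.ip_network("10.99.0.0/24")   # dedicated BMC management VLAN
MIN_FIRMWARE = (2, 86)                             # minimum acceptable BMC firmware
UNUSED_DAYS = 90                                   # no admin login for this long => "unused"


@dataclass
class Bmc:
    """One row of a (constructed) BMC inventory export."""
    host: str
    ip: str
    firmware: str          # vendor version string, e.g. "2.86" or "2.86.1"
    last_login: date       # most recent administrative login seen on the BMC
    factory_password: bool # True if the inventory says the shipped password is still set


def parse_version(text: str) -> tuple:
    """Turn '2.86.1' into (2, 86, 1) so versions compare numerically, not lexically."""
    return tuple(int(part) for part in text.split("."))


def audit_bmc(bmc: Bmc, today: date) -> list:
    """Return the list of policy findings for one BMC (empty list means compliant)."""
    issues = []
    if ipaddress.ip_address(bmc.ip) not in MGMT_NET:
        issues.append("off_mgmt_vlan")       # VLAN isolation not enforced
    if parse_version(bmc.firmware) < MIN_FIRMWARE:
        issues.append("old_firmware")        # update check failed against baseline
    if bmc.factory_password:
        issues.append("factory_password")    # credential hardening not done
    if (today - bmc.last_login).days > UNUSED_DAYS:
        issues.append("unused")              # unused BMC; disable or decommission
    return issues


def audit_inventory(bmcs: list, today: date) -> dict:
    """Map each host name to its findings."""
    return {bmc.host: audit_bmc(bmc, today) for bmc in bmcs}


# Constructed sample inventory; none of these hosts or addresses are real.
SAMPLE_INVENTORY = [
    Bmc("node01", "10.99.0.11", "2.90", date(2023, 5, 30), factory_password=False),
    Bmc("node02", "192.168.1.50", "2.80", date(2023, 6, 1), factory_password=True),
    Bmc("node03", "10.99.0.13", "2.86", date(2023, 1, 15), factory_password=False),
]
AUDIT_DATE = date(2023, 6, 15)


if __name__ == "__main__":
    for host, findings in audit_inventory(SAMPLE_INVENTORY, AUDIT_DATE).items():
        status = "OK" if not findings else ", ".join(findings)
        print(f"{host}: {status}")
```

In practice the inventory rows would come from the organization's asset database or a vendor management console export rather than being typed in, and a "unused" finding should be confirmed against change records before the controller is disabled, since a BMC that is never logged into may still be doing legitimate out-of-band work.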
By following these recommendations, organizations can significantly strengthen their BMC security posture and reduce the risk of potential cyberthreats.
For more information and detailed recommendations, please refer to the official guidance documents released by CISA and NSA.
The new guidelines come a few weeks after the UK National Cyber Security Centre (NCSC) and other international security agencies issued recommendations warning the public about Chinese cyber activity targeting critical national infrastructure networks in the United States.