Intel’s latest commercial PC chips, announced last month, represent a departure from the company’s previous emphasis on speed and performance. Instead, Intel is highlighting the security features of its new 13th Gen Intel Core vPro processors. The company has been collaborating with security vendors in recent years to develop hardware-level protections that can safeguard laptops against malware and ransomware attacks. The new upgrades, embedded within the chip’s firmware and BIOS, provide enhanced system protection and management, including both prevention and detection.
For instance, the firmware in the new chips works better with Microsoft’s virtualization technology in Windows 11 to prevent intrusions. Meanwhile, Intel’s vPro has integrated Total Memory Encryption-Multi-Key (TME-MK), a feature that encrypts critical applications running on Windows 11 while they are in memory and provides hooks for secure enclaves on the chip. This helps to prevent side-channel attacks by isolating applications in 16 different slots, making it harder for attackers to steal data. A new vPro technology, Threat Detection Technology (TDT), uses libraries embedded in the chips to detect abnormal processing activity that may indicate a security breach. The technology can weed out ransomware and other types of attack, and it provides telemetry that security applications can use to stop threats.
Intel is collaborating with multiple antivirus providers, including Microsoft, CrowdStrike, Eset, and Check Point Technologies, to incorporate TDT capabilities into their security software. By doing so, these vendors can leverage hardware telemetry to identify potential security threats, including within virtual machines. For instance, with the assistance of Intel’s performance monitoring unit (PMU), which sits below the operating system and its applications, Eset Endpoint Security can now detect ransomware.
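The detection idea described above is that periodic hardware counter readings for a process are compared against that process’s own normal behavior, and a sustained deviation is handed to the endpoint security software for triage. The following is an added, constructed illustration of that pattern, not Intel’s TDT code and not any vendor’s heuristic: the counter names, the two derived features (instructions per cycle and cache misses per thousand instructions), the sample values, the baseline window and the z-score threshold are all assumptions chosen for the example.

```python
"""Illustrative counter-telemetry anomaly detector (constructed example).

Models the shape of hardware-assisted threat detection: snapshots of
CPU performance-counter values for one process are compared with a
baseline learned from that process's first intervals, and a deviation
that persists for several consecutive intervals is reported.  Nothing
here describes Intel's actual TDT heuristics; all figures are made up.
"""
from dataclasses import dataclass
from statistics import mean, pstdev
from typing import Dict, List, Optional, Tuple


@dataclass
class Sample:
    """One telemetry interval for a process (constructed fields)."""
    pid: int
    instructions: int   # instructions retired during the interval
    cycles: int         # unhalted core cycles during the interval
    cache_misses: int   # last-level cache misses during the interval

    def features(self) -> Dict[str, float]:
        # Ratios are used so the baseline does not depend on interval length.
        return {
            "ipc": self.instructions / max(self.cycles, 1),
            # misses per 1,000 retired instructions
            "miss_rate": self.cache_misses / max(self.instructions, 1) * 1000,
        }


def build_baseline(samples: List[Sample]) -> Dict[str, Tuple[float, float]]:
    """Per-feature (mean, population std-dev) over the learning window."""
    feats = [s.features() for s in samples]
    baseline = {}
    for name in feats[0]:
        values = [f[name] for f in feats]
        # Floor the std-dev so a perfectly flat baseline cannot divide by zero.
        baseline[name] = (mean(values), max(pstdev(values), 1e-6))
    return baseline


def zscores(sample: Sample, baseline: Dict[str, Tuple[float, float]]) -> Dict[str, float]:
    """How many baseline standard deviations each feature is from its mean."""
    return {name: (v - baseline[name][0]) / baseline[name][1]
            for name, v in sample.features().items()}


def detect(samples: List[Sample], learn: int = 8, threshold: float = 4.0,
           min_consecutive: int = 3) -> Optional[int]:
    """Return the index of the first interval of a run of `min_consecutive`
    intervals that all deviate from the baseline by >= `threshold` sigma,
    or None if the trace never shows such a run.  A one-off spike is ignored,
    which is what keeps ordinary bursty workloads from being reported."""
    if len(samples) <= learn:
        return None
    baseline = build_baseline(samples[:learn])
    streak = 0
    for i, s in enumerate(samples[learn:], start=learn):
        if max(abs(v) for v in zscores(s, baseline).values()) >= threshold:
            streak += 1
            if streak >= min_consecutive:
                return i - min_consecutive + 1
        else:
            streak = 0
    return None


# --- constructed sample traces for pid 4242 ----------------------------------
def _s(instructions: int, cycles: int, misses: int) -> Sample:
    return Sample(4242, instructions, cycles, misses)

# Eight quiet intervals: IPC close to 1.0, about 2 misses per 1k instructions.
LEARNING = [_s(1_000_000, 1_000_000, 2000), _s(1_020_000, 1_000_000, 2100),
            _s(980_000, 1_000_000, 1900),   _s(1_000_000, 1_010_000, 2050),
            _s(1_010_000, 1_000_000, 1950), _s(990_000, 1_000_000, 2000),
            _s(1_000_000, 990_000, 2100),   _s(1_000_000, 1_000_000, 1900)]
QUIET = _s(1_000_000, 1_000_000, 2000)
# A sustained tight compute loop with a very different miss profile.
BURST = _s(3_000_000, 1_000_000, 30_000)

# One isolated spike followed by normal intervals: should not be reported.
BENIGN_TRACE = LEARNING + [QUIET, BURST, QUIET, QUIET, QUIET]
# Two quiet intervals, then four deviating ones: reported at index 10.
SUSPICIOUS_TRACE = LEARNING + [QUIET, QUIET, BURST, BURST, BURST, BURST]

if __name__ == "__main__":
    print("benign trace   ->", detect(BENIGN_TRACE))      # None
    print("suspicious trace ->", detect(SUSPICIOUS_TRACE))  # 10
```

The point a defender should take from the example is the structure rather than the numbers: the baseline is per process, the features are ratios so that interval length does not matter, and a single outlying interval never fires on its own. Real products tune which counters, which features and which persistence rule to use, and they feed the verdict to the endpoint agent rather than acting on it directly.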
Patching Components
Intel is collaborating with PC manufacturers to introduce a standardized approach to patching PCs, and it is diversifying its security strategy instead of relying on a single approach to secure systems. The primary objective is to create independent security measures for various hardware components, referred to as “islands of security.” As per Nordquist, there is no justification for the BIOS to access OS memory, and doing so adds no value. As a result, the company de-privileged it at the fundamental level and introduced an enhanced level of security for improved protection, which goes further still for vPro. Nordquist believes that PCs require a distinct security profile compared to servers, since the attack vectors for these devices differ significantly. Therefore, there is a need for an elevated security level to tackle threats that lie beyond the OS’s protection.
Squashing Chip Bugs
Last year, Intel demonstrated its commitment to hardware security by granting $935,751 in bug bounties to security researchers who reported security flaws in its chips and firmware. The company has paid a total of $4 million in bug bounties since the program’s inception in 2017, according to its most recent security research report. Firmware updates are generally available on Intel’s website, and device vendors are responsible for distributing them. Some updates can be delivered automatically via Microsoft Windows Update, but only a limited number of vendors can update their devices through this method. As per Alex Matrosov, founder of Binarly, which develops a firmware security platform that aids in the detection and patching of hardware vulnerabilities, CISOs must pay more attention to threats and device security that extend beyond the operating system. “Every mature enterprise organization should invest in firmware security and particularly vulnerability management for their device security posture,” Matrosov says.
Author: Agam Shah, Contributing Writer