
	Home > Information Security Tips > Threats and security advisories > 'Phlashing' attacks

Security UK Tips:

EMAIL THIS

TIPS & NEWSLETTERS TOPICS

THREATS AND SECURITY ADVISORIES

'Phlashing' attacks

Mike Chapple, Contributor
12.08.2008
Rating: --- (out of 5)

Digg This!

StumbleUpon

Del.icio.us

I've read recently about "phlashing" attacks. Are theoretical attacks like phlashing effective ways to attack an organization, should we be prepared for them, and are they a serious threat to network hardware?

Security expert Mike Chapple:
Phlashing attacks target network devices and other hardware systems that rely upon firmware to contain their operating systems. In this type of attack, the hacker uploads, or "flashes," non-authentic firmware to the device under the guise of a legitimate firmware update. However, the hacker's firmware contains malicious code that provides a back door into a network or permanently disables, or "bricks," the device. This use of phlashing has earned the technique the alternative moniker of permanent denial-of-service (PDoS) attack.

Phlashing is more than theoretical: it's been demonstrated at conferences, like London's EUSecWest security conference in May 2008. You're correct to point out that there hasn't been a widespread outbreak in the wild. Nevertheless, enterprises should fortify devices to protect against this type of attack.

The best advice I can give you is to never connect the management interface of a device to a public network. Doing so invites trouble by making it possible for an attacker to upload non-authentic firmware. Ideally, such devices belong on their own private control network, accessible only to administrators with a legitimate need to configure the devices.

Rate this Tip
To rate tips, you must be a member of SearchSecurity.co.UK. Register now to start rating these tips. Log in if you are already a member.

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Threats and security advisories
	Preventing phishing attacks: Enterprise best practices
	The value of booting from a VHD in Windows 7
	What to do with network penetration test results
	How to prevent memory dump attacks
	How to prevent phishing attacks with social engineering tests
	Cyberwarfare and the enterprise: Is the threat real?
	How to avoid botnet attacks
	How to ensure the validity of Microsoft Windows updates
	How to defend against rogue DHCP server malware
	Mac OS memory flaws pose challenges for enterprise endpoint protection

Threat and Vulnerability Management

Zeus botnet temporarily disrupted, but back in full force

Considering two-factor authentication? Do cost, risk analysis

Clientless SSL VPN vulnerability and Web browser protection

Microsoft's Charney details new botnet protection, IdM technology at RSA

Look into SIEM services to cut costs, comply with PCI DSS, HIPAA

Cloud security issues, targeted attacks to be hot-button topics at RSA

Zeus Trojan continues reign infecting 74,000 PCs in global botnet

How to use Google Webmaster tools to help protect your site

New Community Security Policy aims to reduce computer misuse

The value of booting from a VHD in Windows 7

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

Centre for the Protection of National Infrastructure (SearchSecurityUK.com)

Serious Organized Crime Agency (SearchSecurityUK.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

UK Data Security Solutions: Data Privacy, Identity Theft, Data Loss

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2008 - 2010, TechTarget \| Read our Privacy Policy