The UEFI Scanner, which protects UEFI firmware that anti-malware software typically misses because it is outside the OS, is likely to appear in a forthcoming commercial product release.
Security software vendor ESET has launched the 2018 release of their consumer software. The main news this year is the addition of two new features across their consumer product line. The Connected Home Monitor feature provides protection to networked Internet of Things devices like PVR recorders, scanning them for vulnerabilities. The new UEFI Scanner protects UEFI firmware, something that regular anti-malware scanners have not addressed to date.
The consumer market is typically where innovation is found first in endpoint security, and ESET is no exception here.
“Typically, in the past our business products lag behind the consumer in terms of innovation,” said Ben Reed, Product Marketing Manager at ESET North America. “We find that consumers need the most help, so it’s all about making the features as easy as possible. Typically, the consumer market is also more forgiving. Some features may need to be refined more before they get to business customers, such as reducing the number of popups. We typically use the consumer products to test these things, and get consumer feedback before incorporating changes to the business products.”
The Connected Home Monitor is ESET’s response to the heavy increase in Internet of Things-related attacks.
“You have had things like botnets taking over DVRs,” Reed said. “We need to help protect consumers against these kinds of attacks. The Connect Home Monitor scans for vulnerabilities on all these devices connected to the WiFi or router-based network, looking for outdated firmware, weak passwords and other vulnerabilities. Consumers typically don’t realize they need to update or harden these devices.” If an issue is found ESET will either fix it or tell the user how to fix it, such as changing the default password.
Some other vendors also offer this capability, but it is in the hardware devices.
“We are doing it at the endpoint level, so you don’t need any special hardware,” Reed said.
Connected Home Monitor is likely to be a less significant capability for ESET’s business software.
“Connected devices aren’t as important to the business market, and if they have enterprise-class hardware, they won’t have these issues,” Reed said. “Parts of the SMB do use consumer hardware a lot though.”
The other new feature, the UEFI Scanner, does have clear business market implications. The UEFI is firmware, and is the black/configuration screen that appears before a computer starts up, which tells the system to launch.
“This is all about ESET trying to stay one step ahead,” Reed said. “We have not yet seen it exploited in the wild.” However, while there are no known threats, ESET has predicted that this is a likely focus point for hackers.
“Malware usually only scans the OS, not the BIOS or UEFI firmware,” Reed added. “There has to be a completely unique scanner for that. As a result, this is really the Holy Grail of threats because it can’t be detected by normal malware, and will persist. Malware could embed directly, and remain even after reinstallation of the OS, because the UEFI works outside the OS. ESET is the first company that can detect these types of threats.”
Reed said that particularly once threats to the UEFI move from concept to reality, this is very likely to find its way into ESET’s business software.
“The UEFI scanner will make it at some point in the future,” he said. “It’s a newer threat vector.”
Changes to the consumer software are still something that the channel audience should note, Reed said. Enhancements in the consumer market drive overall brand awareness.
“We find that the consumer sector is where you build brand awareness,” he said. “That then becomes what customers are more likely to prefer in their commercial product. If we provide a good experience at the consumer level, they will want to bring it into their business.”
ESET has three consumer brands ESET NOD32 Antivirus, ESET Internet Security and ESET Smart Security Premium — which are aligned on a Good-Better-Best spectrum respectively. The UEFI Scanner is included in all three versions. The Connected Home Monitor is included with ESET Internet Security and ESET Smart Security Premium.
Valid ESET licence holders can download these latest products.