
Per Snowden NSA Leaks, Dell PowerEdge Server BIOS Hacked

By - Source: Toms IT Pro

In yet another story of the NSA and its infiltration of hardware and software and creation of "backdoors," a report of a Dell PowerEdge server hack by the NSA was published yesterday.

Although it is somewhat old news, given that the report was created in 2007 for the ANT (Advanced or Access Network Technology) product catalog, the DEITYBOUNCE entry describes an exploit specifically designed for Dell PowerEdge servers.

The requirements for operating the hack read a bit like the requirements section of many normal software applications:

"This technique supports multi-processor systems with RAID hardware and Microsoft Windows 2000, 2003, and XP. It currently targets Dell PowerEdge 1850/2850/1950/2950 RAID servers, using BIOS version A02, A05, A06, 1.1.0, 1.2.0, 1.3.7."

It was very inexpensive, with a Unit Cost of $0, and at the time of the report its status was "Ready for Immediate Delivery."

The hack was "accomplished by non-technical operation through use of a USB thumb drive" and was "configurable and will occur when the target machine powers on."

The DEITYBOUNCE hack is one of many that were part of an NSA Toolbox mentioned in a story originally reported by Der Spiegel. This particular hack would likely not be possible today.

"UEFI (Unified Extensible Firmware Interface), along with Secure Boot apply a PKI-based authentication system for code running on the computer. Unless they had access to the keys, the NSA shouldn't be able to flash malicious BIOS on a system so-equipped. Dell and Microsoft have supported UEFI and secure boot for many years. System certification for Windows 8 actually requires UEFI and secure boot to be enabled by default using a Microsoft private key," notes ZDNet writer Larry Seltzer.

"Dell does not work with any government – United States or otherwise – to compromise our products to make them potentially vulnerable for exploit. This includes 'software implants' or so-called 'backdoors' for any purpose whatsoever," the company said in a statement responding to the Der Spiegel story.

There is no indication in any of the documents listed in the NSA ANT Product catalog that any of the tech manufacturers collaborated on or were aware of the hacks and exploits, or that any of the hacks and exploits would continue to be practical.

Of course, there is also no indication that the NSA and other intelligence agencies have been inactive during this time either.




Bill Oliver has been working in Healthcare for the past 30+ years in a variety of management roles including Material Management, Purchasing, Nurse Registry, and IT. In the past 12 years his focus has been on the business end of IT Contracts, Software Licensing and Purchasing.
