CISA and NSA Publish BMC Hardening Guidelines

Cyber Security Threat Summary:
“The US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released joint guidance on hardening Baseboard Management Controllers (BMCs). Published this week, the document aims to address the overlooked vulnerabilities in BMCs, which can serve as potential entry points for malicious actors seeking to compromise critical infrastructure systems” (Info Security Magazine, 2023).

BMCs are embedded computer hardware components that are used for remote management and external control of systems. They are distinct in that they operate independently of the operating system and firmware, and can allow for control of the device even when the system is powered down. Because of their high privileges and network accessibility, these devices are attractive to threat actors.

The joint guidance emphasizes the importance of taking proactive measures to secure and maintain BMCs effectively, adding that many organizations fail to implement even minimum security practices.

Security Officer Comments:
Without proper security mechanisms surrounding them, BMCs could be used by cybercriminals for a variety of cyber attacks. Examples include turning off security solutions, manipulating data, and/or propagating malicious instructions across the network.

This new guidance is likely related to recent reports from the UK’s National Cyber Security Centre (NCSC) and other international security agencies on Chinese cyber activity targeting critical national infrastructure networks in the United States.

Suggested Correction(s):
To address these concerns, CISA and NSA recommend several key actions. These include protecting BMC credentials, enforcing VLAN separation, hardening configurations and performing routine BMC update checks.

Further, the agencies said organizations should also monitor BMC integrity, move sensitive workloads to hardened devices, use firmware scanning tools periodically and treat unused BMCs as potential security risks.

By following these recommendations, organizations can significantly enhance the security posture of their BMCs and reduce the risk of potential cyber threats.

For more information and detailed recommendations, organizations can refer to the official guidance document released by CISA and the NSA.

Link(s):
https://www.infosecurity-magazine.com/news/cisa-nsa-controller-hardening-guide/
https://www.cisa.gov/news-events/al...rdening-baseboard-management-controllers-bmcs