Understandably, the cyber insurance community spends most of its time talking about ransomware...as this is, in part, responsible for the deteriorating loss ratios currently being experienced by the market. There is also a lot of public noise around ransomware...with unfortunate victims being put up in lights on various social media and news channels.

Firmware attacks tend to be a more private affair, initially. There are of course cases where a firmware vulnerability is exploited to perpetrate a wide-reaching ransomware attack - like the RobbinHood exploits against various US states in 2019.

Firmware is the code which controls the hardware components of a computer. We often hear of the application layer or operating systems being targeted by malware/ransomware...as these can be distributed at scale with immediate ROI for the perpetrator. A firmware attack is more akin to an APT (Advanced Persistent Threat) attack...get in, get under the hood, monitor - pick a particularly devastating moment - and then deploy the a-bomb. It might be a ransomware packet, it might be wiperware, it might be data theft, or corporate espionage. Either way, it's targeted, and so by nature...really rather effective and potentially damaging. If you're a large corporate with a well-protected perimeter, but an under-funded/under-secured firmware layer...this could be far more devastating than a traditional application-based ransomware attack...simply due to the breadth of network access afforded by the firmware layer.

With many of our customers in the large corporate space, this topic certainly seems worth a little more of the spotlight.