Hardening, Bios – BECKHOFF IPC-Security User Manual

3.1.3. Potential threat scenarios

The following chapter gives a short overview about possible threat scenarios, which may or may not be
representative in your environment. We assume that an attacker is able to gain local access to the device
itself, just as this may be the case for a regular user. Please take the following chapters as a means to gain
a better awareness for this scenario.

3.1.3.1. Manipulated boot device

An attacker is able to attach and mount a prepared storage media and is able to boot from this device.
Alternatively, the attacker could also boot from network, if the device is equipped with such a feature. This
may either result from default BIOS settings where the boot priority is set accordingly or from the attacker
being able to access and change BIOS settings himself. Due to this, the attacker could gain access to the
whole system, including reading/writing unprotected information, e.g. passwords, configurations or business
know-how. From this point on, the operating system cannot be assumed to be secure anymore.

3.1.3.2. Manipulated USB storage device

By manipulating USB storage devices, an attacker could execute malware during system runtime if no further
security measures are taken. Due to this, an attacker gains access to the operating system with at least the
same privileges as the currently logged on user account.

3.1.3.3. Abusing password recovery mechanisms

An attacker is able to boot from other storage devices, as described in 3.1.3.1, gaining access to regular or
3rd party password recovery mechanisms. If the same Administrator password is used on several systems,
it is sufficient for the attacker to infiltrate one system to gain administrative privileges to all.

3.1.3.4. Guessing passwords

The attacker may execute brute force or dictionary attacks to guess short, weak or default passwords. Due
to this, an attacker could gain access to the affected user account and use its privileges to further infiltrate
or manipulate the system.

3.2. Hardening

This chapter explains some common strategies that can be deployed to actively secure components that
are part of the scenario. Because the operating system architecture of Windows CE differs from Windows
XP, Windows 7 or Windows Embedded, each operating system family is represented by an own chapter.

3.2.1. BIOS

It is recommended to set a password for the system’s BIOS to ensure that no changes to critical system
functions can be made, for example:

IPC Security

11