Why we invested in Binarly

The need to address one of the largest security threats — running on every device.

Nation State developed firmware attacks have been a reality for a significant amount of time and the current geo political developments only increase the risk level. In a world where IoT, edge devices and the mere size of firmware on devices increases year on year, it’s a matter of ‘when’ not ‘if’ massive new hacks will come to light. These type of attacks are also expected to be increasingly exploited by cybercrime groups and according to Gartner 70% of organizations that do not have a firmware upgrade plan in place will be breached due to firmware vulnerability.

Most people know you need to do frequent software updates. Thats just as true for firmware, the software written into hardware devices. The problem is that the need is much less appreciated. Not only the current geo political situation adds a lot of urgency to the topic. The pandemic and the shift to work from home, for instance, has exposed businesses to the especially weak security in many home routers and other consumer-level gear (source).

Based in Los Angeles, Binary focuses on automating firmware security with AI and machine learning powered deep code inspection, hardware inventory management and automated SBOM (Software Bill Of Materials) generation. What that means is that they help device manufacturers, cloud security providers and enterprises to find and fix security problems in the firmware supply chain. The company’s technology is currently being used by security teams to identify vulnerabilities and spot signs of malicious firmware modifications. The platform is also being used to gain firmware SBOM visibility without access to the source code.

“Firmware attacks are on the rise and you aren’t worried about them enough. 83% of enterprises have experienced one firmware attack during the past two years.” — Microsoft

Why Binarly? They got the best-in-class team discovering vulnerabilities no one else has found and managed to surround themselves with incredible experts. The team has worked 20+ years on researching advanced malware threats, firmware and hardware vulnerabilities. The founders Alex Matrosov and Claudiu Teodorescu have impressive security backgrounds having previously worked at NVIDIA, Intel Corp., ESET, BlackBerry, Cylance and FireEye. Alex is also a highly regarded researcher who co-authored the firmware security book Rootkits and Bootkits. Firmware vulnerabilities the team has found have already been published by media (example) around the world.

So far this year, the Binarly team disclosed 107 critical firmware security vulnerabilities affecting the entire enterprise device ecosystem. The company worked with security response teams at Insyde, AMI, Lenovo, Dell, HP, HPE, Siemens, Fujitsu, Atos, Intel, AMD and many other vendors to mitigate high-impact security issues across the computing landscape. Many of these vulnerabilities demonstrate the complexities of the firmware supply chain that negatively disrupt the timeline for patch delivery and identification of impacted parties. The US government also recently issued a severe warning calling firmware security a ‘single point of failure’.

Assessing the impact of a known firmware based vulnerability in a customer environment, at scale, is a problem without a viable solution. We have developed the FwHunt technology that adds semantic context around a known vulnerability to ensure detection while reducing false positives. — Claudiu Teodorescu

CISOs from critical infrastructure companies, hyperscalers, and cyber security experts rate firmware security as a top 3 priority, yet the current patching process is still fundamentally flawed. So is the outdated toolchain. Where hardware has gotten exponentially faster and more complex, the toolchain most embedded engineers are still using is decades old. If you went back in time 20 years and showed an embedded systems engineer what we have today, they would probably be amazed by the hardware (memory etc) and absolutely shocked by the outdated toolchain and security implications.

There are tens of billions of devices connected to the internet — growing at an exponential rate. The weakest link of many systems is increasingly the firmware. We should brace ourselves for more attacks and urgently embrace the best solutions to improve security. We at Acrobator believe that Binarly is a vital part of the future of firmware security.