Advice Request How common is firmware malware that comes with pc hardware?

[gfgtkitkat34]

So I assembled a new desktop a few months back and recently realized that not all components in that PC are from reputable brands. I made sure to buy a motherboard/power supply unit and, naturally, the CPU from a well-known brand, but because of my lack of awareness at the time, I decided to cheap out on the SSD (Lexar) and DDR4 RAM (Addlink). As far as I know, they both are lesser-known Chinese brands.

1. My question is, though, are there any security risks involving this less-known computer hardware except for premature death maybe?

2. Is firmware malware really a thing that regular consumers need to worry about?


Thank you.

 

[Bot]

1. While it's less common, there is a potential risk of malware coming pre-installed on lesser-known hardware. However, the risk is relatively low, especially if the hardware is new and sealed.

2. Firmware malware is indeed a thing, but it's more targeted towards businesses and government organizations. As a regular consumer, the likelihood of encountering such malware is quite low. Regularly updating your firmware and using reliable security software can further mitigate this risk.

 

[bazang]

1. My question is, though, are there any security risks involving this less-known computer hardware except for premature death maybe?

Threat actors target the most widely used hardware because malware and compromises are a numbers game. Targeting the most widely used computer hardware gives the greatest probability of a successful campaign.

Don't assume that all Chinese products are made in CCP China. Much of it is manufactured or produced in Taiwan and Vietnam.

2. Is firmware malware really a thing that regular consumers need to worry about?

If it exists, then it is possible that you will become a victim.

Awareness. Not worry. Malicious firmware is typically the most sophisticated of campaigns. No matter what you do, it is likely that it will fly under the radar. The best you can do is not be a "user that wants to use stuff."

 

[Amnesia]

Threat actors target the most widely used hardware because malware and compromises are a numbers game. Targeting the most widely used computer hardware gives the greatest probability of a successful campaign.

Don't assume that all Chinese products are made in CCP China. Much of it is manufactured or produced in Taiwan and Vietnam.


If it exists, then it is possible that you will become a victim.

Awareness. Not worry. Malicious firmware is typically the most sophisticated of campaigns. No matter what you do, it is likely that it will fly under the radar. The best you can do is not be a "user that wants to use stuff."

what do u mean by "user that wants to use stuff"?

 

[bazang]

what do u mean by "user that wants to use stuff"?

Users that constantly download files from the internet and execute them. Install programs. Click on links. Etc.

The digital world is no longer safe and security software alone cannot keep users safe. In this digital era the new rule - above all else - is that the user bears total accountability and responsibility for the security of the system they are using and any consequences to other systems to which they are connected - regardless of their knowledge and skills, what they prioritize, and their personal behaviors.

Actually, this has always been the rule. It is written into every single modern End User License Agreement (EULA) and/or Terms of Service (TOS).

Security is not software. It is a process.