Microsoft buys ReFirm Labs to bolster IoT firmware security

Microsoft has purchased security firm ReFirm Labs to improve its ability to secure IoT firmware.

The two companies announced the acquisition on Wednesday but did not disclose the terms of the deal.

ReFirm Labs, headquartered in Maryland, has built open source-based products that help security experts search for vulnerabilities in the firmware of IoT devices. ReFirm's technology uses Binwalk -- open source software developed in 2010 by the team that founded ReFirm seven years later.

David Weston, Microsoft's director of enterprise and operating system security, said security tools often have trouble identifying vulnerabilities in device firmware. ReFirm's analytical software will improve Azure Defender's ability to discover flaws and apply patches, he said.

As the number of IoT devices in use grows, their firmware is no longer a future threat, "but an imperative to secure," Weston wrote in a blog post.

In its announcement, ReFirm Labs said the two companies had the same view of IoT security risks.

"Vulnerabilities in network, IoT and edge devices are a significant and growing risk to enterprise and consumer security," the company said in its blog. "As we worked with Microsoft, it became clear that they shared the same vision and urgency around IoT security."

In 2018, Microsoft pledged to spend $5 billion in four years on IoT, and it has made several investments since. The ReFirm Labs acquisition comes one year after Microsoft purchased IoT security startup CyberX, which built a platform to detect threats and vulnerabilities in industrial IoT devices. In 2019, Microsoft purchased Express Logic, which developed a real-time operating system for IoT devices.

Constellation Research analyst Liz Miller said the purchase helps Microsoft address a growing security problem. The National Institute of Standards and Technology has reported a five-fold increase in firmware attacks over the last four years with the rising number of IoT devices.

Firmware has become "attack gold" for hackers because it is difficult for IT teams to manage, Miller said. As a result, Microsoft is plugging gaps in its IoT security portfolio "as fast as they can, by development or by acquisition."

Mike Gleason is a reporter covering unified communications and collaboration tools. He previously covered communities in the MetroWest region of Massachusetts for the Milford Daily News, Walpole Times, Sharon Advocate and Medfield Press. He has also worked for newspapers in central Massachusetts and southwestern Vermont and served as a local editor for Patch. He can be found on Twitter at @MGleason_TT.