After Trojans and ransomware targeting data theft and extortion, attackers have been developing new "persistent" methods to inject malware for some time. Already in 2018, the first successful UEFI malware attacks (Lojax) became public. However, the lucrative attack method is very complex to program. Accordingly, these attacks were highly selective and not carried out on a broad scale. This is different now: the well-known malware "TrickBot", which was often delivered with Emotet, has found new ways to permanently store itself in the UEFI (Unified Extensible Firmware Interface). This form of malware remains invisible to regular antivirus programs. Software updates and new installations have no effect - malware nested in the UEFI even survives a new installation or hard disk replacement. For the attackers themselves, the possibilities are endless: corrupting the firmware, locking the computer, even taking over the entire system are easy.

Only fully comprehensive security solutions offer users appropriate protection against this growing range of attack scenarios. At the same time, employees today expect to be able to access the corporate or government network at any time and from anywhere, and not to be tied to a fixed workstation. This expectation and the high security requirements are met by solutions that protect all end devices, enable a secure connection to the corporate network and guarantee the protection of sensitive data even in the event of theft or loss. Particularly in the case of remote access solutions that enable secure connection to the corporate network, it is essential that users ensure the necessary independence from the security architecture of the operating system. An additional security gain is offered by solutions that act like a UEFI firewall through strong separation. In this way, an outflow of data is prevented even in the event of vulnerabilities and security holes in the operating system.

IT security expert Rohde & Schwarz Cybersecurity offers such a solution with its VPN Client, approved up to classification level VS-NfD (RESTRICTED) by the Federal Office for Information Security (BSI). R&S®Trusted VPN Client acts like a UEFI firewall and blocks potential attacks from the Windows operating system on the basic firmware. Changes to the UEFI instance noticed by the operating system are also eliminated after each reboot - making permanent malware nesting impossible. "We are convinced that security can only be achieved independently of the operating system," said Dr. Falk Herrmann, CEO of Rohde & Schwarz Cybersecurity. "With the R&S®Trusted VPN Client, we guarantee security while ensuring the digital sovereignty of the users, and in combination with R&S®Trusted Disk hard disk encryption – approved up to classification level VS-NfD (RESTRICTED) by the BSI -, we offer a comprehensively protected and approved workplace for public institutions and companies."

Request information

Do you have questions or need additional information? Simply fill out this form and we will get right back to you.

I want to receive information from Rohde & Schwarz via

Marketing permission

What does this mean in detail?

I agree that Rohde & Schwarz GmbH & Co. KG and the Rohde & Schwarz entity or subsidiary company mentioned in the imprint of this website, may contact me via the chosen channel (email or postal mail) for marketing and advertising purposes (e.g. information on special offers and discount promotions) related to, but not limited to, products and solutions in the fields of test and measurement, secure communications, monitoring and network testing, broadcast and media, and cybersecurity.

Your rights

This declaration of consent may be withdrawn at any time by sending an email with the subject "Unsubscribe" to Additionally, a link to unsubscribe from future email advertisements is contained in each email sent. Further details on the use of personal data and the withdrawal procedure are set out in the Statement of Privacy.

Your request has been sent successfully. We will contact you shortly.
An error is occurred, please try it again later.