The National Institute of Standards and Technologies has published new guidance to mitigate the threat to servers. The new guidance is aimed at mitigating unauthorized modification of BIOS firmware by malware. Corrupting BIOS is seen as a significant threat because of its privileged position on the computer architecture. In 2011, the Mebromi rootkit attempted to insert malware in the BIOS that would continue to re-infect systems, even after clearing the malicious code with anti-virus software, reinstalling the operating system or replacing the hard drive.”]
Source: https://www.careersinfosecurity.com/protecting-servers-from-remote-attacks-a-7313