The latest edition of Intel Security's report, released on Tuesday, reports attacks on firmware for the first time. More specifically, the report details "persistent and virtually undetectable attacks" by the so-called Equation Group that reprogram hard disk drives and solid state drive firmware. Although not identified as such by Intel Security, the Equation Group has been linked to elite units of the N-S-A, via confirmation by former staffers. http://www.theregister.co.uk/2015/06/09/nsa_firmware_sighted_ctb_ransomware/
So how the Russians are the only ones willing to investigate this ? The community has known about firmware malware for years I have read several forum discussion threads about it and at least one of those who became aware of it on his own system reported no interest whatsoever by our own computer security vendors. ~ Removed Off Topic Comments ~
No device that interacts with the Internet can be trusted. To be considered secure, a device must be air-gapped and shielded.
There was quite a good discussion on security now episode 510 (https://www.grc.com/securitynow.htm) on the issue.