How would CIS/CES react?
It wouldn’t IMO. The malware in disk firmware that Kapersky is talking about would effectively be part of the hardware and completely invisible to any OS based security system.
Do we know if re-flashing the firmware actually gets rid of this or does it have a backup plan for that/prohibits re-flashing?
Considering that they have to physically interdict the package to either replace it or infect the original, I would assume that this method is only used on people of interest and not random people that aren’t of specific interest, that’s not to say that there isn’t anything to be afraid of… If they can do it, then surely someone else COULD do it as well, who knows.