Persistence at a pre-OS level can be gained modifying the firmware in a resource.
System firmware is quite static, and it doesn't usually provide detections capabilities. A firmware level manipulation can remain unnoticed until next phases of the attack. [1]
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.