Most modern computers, even devices whose hard disk is encrypted, are vulnerable to a new type of attack. That would make it possible to steal a lot of sensitive data in a matter of minutes. That’s what new research from F-Secure shows.
This reports that none of the existing firmware measures in tested laptops do enough work when it comes to preventing data theft. Predatory researcher Olle Segerdahl even confronts TechCrunch with the fact that almost all laptops and desktops – both Windows and Mac – are at risk.
Little effort
The new operator operates a traditional cold boat attack. Hackers use it to steal data from a disabled computer. Modern computers overwrite their memory when a device is switched off, so that the data cannot be read out just like that. But Segerdahl and his colleague Pasi Saarinen have found a way to reverse that process, so that a cold boat attack has its effect again.
It takes a few extra steps, Segerdahl started. But the vulnerability is very easy to exploit. So easy, in fact, that it would surprise Segerdahl if hacker groups were not already aware of the technique. We are convinced that anyone who wants to steal data from laptops has drawn the same conclusions as us.
Couple of hours of work
Physical access to a device makes the chances that you manage to steal data are greater. That’s why so many hard drives use encryption. But the researchers discovered that in almost all cases they could simply steal data, whether it was encrypted or not.
It only took a few hours to develop a tool that could really prevent the firmware of laptops from overwriting data. From that moment on, the researchers could easily scan the disk for the keys, after which the whole thing could be deciphered and data easily captured.
Risk is not so bad
The findings are before the researchers have published their results have shared with Apple, Intel and Microsoft. But according to the researchers, there will be many more devices at risk. And: a successful attacker can steal everything in the memory, including passwords and login codes.
Nevertheless, Microsoft and Apple claim that the risks are not so bad. Both companies argue that an attacker must have physical access to a device to succeed and that consumers are encouraged to ensure that not everyone gets access to their device.
This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.
6 minutes ago
