New Exploit Could Give Hackers Access to Even Your Encrypted Data
September 13, 2018 by Jon Southurst
Computers running Windows and most Macs are vulnerable to a new firmware exploit that can retrieve data even from powered-off systems with disk encryption, says security research firm F-Secure. And there may not be much software vendors can do to fix it on existing machines.
Exploit Could Target ‘Nearly All’ Laptops and Desktops
According to a report in TechCrunch, the Finnish firm said “nearly all” desktops and laptops were affected, save for the latest Apple machines using the T2 chip. That included those using Microsoft’s BitLocker and Apple’s FileVault disk encryption, built into modern operating systems.
It works by preventing the machine from overwriting the data in memory as it shuts down; that overwrite is a technique OSes use to add an extra layer of security. This memory often stores vital information like disk encryption keys and passwords.
F-Secure said building a tool to perform the exploit was relatively simple once imagined, and that it wouldn’t be surprised if hacker groups knew about it already. It had notified Microsoft, Apple and Intel of its findings before releasing the information publicly. However, the trick is performed on hardware manufacturers’ firmware itself, meaning that if that firmware wasn’t built with the latest security techniques in mind, it probably can’t be protected.
Guard Your Computer at All Times
Like many exploits that work at such an elementary level, an attacker would need physical access to your machine — which many may brush off as unimportant. However, for regular business travelers and conference-goers, there are just enough distractions and strangers hanging around to make it more than a casual threat. It would take only a few seconds for someone to swipe your computer as you looked away to chat, or grab a coffee.
And of course, if you’re a known bitcoin and cryptocurrency fan, expect to be targeted in several creative ways — your data is more attractive to hackers than most people’s. Even if you’re a regular user, once your laptop goes missing, it could wind up in anyone’s hands. It’s a reminder to guard your machine as carefully as you can, and never let it out of your sight.
Powering down a laptop after using it is something not enough people do, either. Many simply close the lid and put it to sleep — even a password required to wake it up doesn’t trigger the memory-overwriting process that shutting it down would.
And now, would-be attackers may be able to prevent that from happening too. F-Secure’s technique is just a proof-of-concept for now, but a security exploit can go from concept to widespread as quickly as we rush to move more of our lives onto digital platforms.
The ubiquity of technology has also led to a certain complacence about the importance of our devices, or the damage the data they contain could do in the wrong hands. The slogan “Be Your Own Bank” sounds less attractive if your entire, unrecoverable bank balance is on a device as light as a magazine — so don’t. Keep anything you wouldn’t want falling into the wrong hands in a physically secure place, which probably isn’t something you’re carrying around with you.