Cybersecurity Expert On Intel Thunderbolt Port Flaw

Following the news around researchers finding a major bug in the Thunderbolt ports made by Intel and found in millions of PC’s, chief security scientist commented below as part of our expert commenting series.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Joseph Carson
Joseph Carson , Thycotic
InfoSec Expert
May 12, 2020 4:55 pm

The Thunderbolt flaw exposed on millions of computers is a serious issue as it allows an attacker only a matter of minutes to bypass the device security that keeps unauthorized users out. Though luckily for this attack, it does require physical access and requires visible tampering so it can only happen when an attacker is alone for several minutes with your computer.

This means leaving your computer for only a few minutes gives an attacker the ability to gain access to your data, activity and accounts. It might be worth making it a little bit more difficult and placing tamper resistant stickers over your device screws to at least make any tamper more visible, though this by itself is not full proof. Making sure to log off when you leave your device unattended makes it more difficult, though again, not impossible for the attacker to gain access. Anything you can do to force the attacker to take more time being successful for such attacks increases the risks of them getting exposed. At this time, I have not seen any evidence of this attack being used though it does raise questions to how long attackers may have known about this.

Unfortunately for this attack, there is no easy fix and any vendor’s hardware exposed by this attack will need to come up with creative ideas to make it more difficult and fully resolve the vulnerability.

Last edited 2 years ago by Joseph Carson
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x