Thunderspy Attack Could Target Millions Of PCs – Cybersecurity Expert Insight

The Thunderbolt port found in millions of PCs can be exploited by hackers to read and copy all stored data, according to new research from Eindhoven University of Technology. With just a few minutes of physical access to the PC, the technique discovered by Björn Ruytenberg can bypass the login screen of sleeping or locked computer—and even its hard disk encryption—to gain full access to the computer’s data. This attack leaves no trace of inclusion, so those effected would not realize that their data had been compromised. Rutenberg says there’s no easy software fix, only disabling the Thunderbolt port altogether.

Experts Comments

May 11, 2020
Jake Moore
Cybersecurity Specialist
ESET
This is an impressive attack, and at first glance there would seem little to mitigate it. The new technique allows an attacker to bypass the security settings in place, meaning that it is very difficult to defend against. But there is still some simple advice that can be effective: you should never leave your computer unattended for any given time. Luckily, given the current social distancing in place, it would seem only your household could be the hacker culprits. Being able to alter the.....Read More
This is an impressive attack, and at first glance there would seem little to mitigate it. The new technique allows an attacker to bypass the security settings in place, meaning that it is very difficult to defend against. But there is still some simple advice that can be effective: you should never leave your computer unattended for any given time. Luckily, given the current social distancing in place, it would seem only your household could be the hacker culprits. Being able to alter the firmware of the internal chip and changing the security settings to allow access to any device is impressive, and although Thunderbolt port attacks are nothing new, they can be extremely damaging and infuriatingly difficult to patch. Therefore, in the meantime I would advise that users avoid connecting unknown or untrusted devices to PC ports, and that the Thunderbolt port isn’t used by those who still work around people or who may be particularly vulnerable to an attack.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.