Thunderspy Attack Could Target Millions Of PCs – Cybersecurity Expert Insight

The Thunderbolt port found in millions of PCs can be exploited by hackers to read and copy all stored data, according to new research from Eindhoven University of Technology. With just a few minutes of physical access to the PC, the technique discovered by Björn Ruytenberg can bypass the login screen of sleeping or locked computer—and even its hard disk encryption—to gain full access to the computer’s data. This attack leaves no trace of inclusion, so those effected would not realize that their data had been compromised. Rutenberg says there’s no easy software fix, only disabling the Thunderbolt port altogether.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Jake Moore
Jake Moore , Cybersecurity Specialist
InfoSec Expert
May 11, 2020 9:57 am

This is an impressive attack, and at first glance there would seem little to mitigate it. The new technique allows an attacker to bypass the security settings in place, meaning that it is very difficult to defend against. But there is still some simple advice that can be effective: you should never leave your computer unattended for any given time. Luckily, given the current social distancing in place, it would seem only your household could be the hacker culprits.

Being able to alter the firmware of the internal chip and changing the security settings to allow access to any device is impressive, and although Thunderbolt port attacks are nothing new, they can be extremely damaging and infuriatingly difficult to patch. Therefore, in the meantime I would advise that users avoid connecting unknown or untrusted devices to PC ports, and that the Thunderbolt port isn’t used by those who still work around people or who may be particularly vulnerable to an attack.

Last edited 2 years ago by Jake Moore
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x