This Chilling Attacks Lets Hackers Steal Data From Almost Any Laptop


<div _ngcontent-c16 innerhtml="

More than a decade ago, security researchers demonstrated a hacking technique called a cold boot attack. Amazingly enough it's still effective against laptops that are being sold today... maybe even yours.

An F-Secure researcher sets up for a cold boot attackF-Secure

You may have read about cold boot attacks before right here on Forbes. In 2013, researchers tossed a Samsung Galaxy Nexus into a freezer to prep it for attack. This week a duo from Helsinki-based F-Secure demonstrated a similar hack on a Lenovo laptop. Researchers Olle Segerdahl and Pasi Saarinen used a cold boot attack to steal the system's encryption keys. With those in hand, they had carte blanche access to its contents.

Don't let your guard down just because Segerdahl and Saarinen chose to attack a Lenovo laptop and you happen to own a different brand. The technique they utilized could theoretically be used against just about any laptop on the market... including Apple.

As long your laptop is set to go to sleep when you close the lid or after a certain amount of idle time, it's likely vulnerable. Here's how their attack plays out.

Instead of sticking the entire laptop into the icebox, F-Secure used a more selective chilling process. The laptop's bottom cover was removed and the system's RAM was rapidly cooled using a can of compressed air. Not simply by blasting it with air, mind you -- by turning it upside down and directing the liquid fluorocarbons inside at the chip.

Once the chip has been sufficiently cooled phase two of the attack can begin. A specialized (but fairly common) device allows them to manipulate the system's non-volatile memory. Once the tool does its thing, the attacker instructs the computer to boot to a USB flash drive. Any data that was stored in memory as the computer went to sleep can now be accessed. In this case, the hacker is able to dump a "secret password."

After the hacker in the video logs in to the laptop the very same password is shown inside a WordPad document as proof the attack worked.

How To Protect Yourself Against Cold Boot Attacks

As dangerous as they are, cold boot attacks aren't all that hard to defend against. One of the simplest defenses is to trade sleep mode for hibernation. Hibernation does not leave the same digital traces in memory that sleep does which neutralizes the attack. Setting up a pre-boot password on your computer adds yet another layer of protection.

It's important to be prepared no matter what you think the odds are of being victimized by a cold boot attack. “Planning for these events is a better practice than assuming devices cannot be physically compromised by hackers because that’s obviously not the case,” Segerdahl notes.

" readability="53.603238866397">

More than a decade ago, security researchers demonstrated a hacking technique called a cold boot attack. Amazingly enough it's still effective against laptops that are being sold today... maybe even yours.

An F-Secure researcher sets up for a cold boot attackF-Secure

You may have read about cold boot attacks before right here on Forbes. In 2013, researchers tossed a Samsung Galaxy Nexus into a freezer to prep it for attack. This week a duo from Helsinki-based F-Secure demonstrated a similar hack on a Lenovo laptop. Researchers Olle Segerdahl and Pasi Saarinen used a cold boot attack to steal the system's encryption keys. With those in hand, they had carte blanche access to its contents.

Don't let your guard down just because Segerdahl and Saarinen chose to attack a Lenovo laptop and you happen to own a different brand. The technique they utilized could theoretically be used against just about any laptop on the market... including Apple.

As long your laptop is set to go to sleep when you close the lid or after a certain amount of idle time, it's likely vulnerable. Here's how their attack plays out.

Instead of sticking the entire laptop into the icebox, F-Secure used a more selective chilling process. The laptop's bottom cover was removed and the system's RAM was rapidly cooled using a can of compressed air. Not simply by blasting it with air, mind you -- by turning it upside down and directing the liquid fluorocarbons inside at the chip.

Once the chip has been sufficiently cooled phase two of the attack can begin. A specialized (but fairly common) device allows them to manipulate the system's non-volatile memory. Once the tool does its thing, the attacker instructs the computer to boot to a USB flash drive. Any data that was stored in memory as the computer went to sleep can now be accessed. In this case, the hacker is able to dump a "secret password."

After the hacker in the video logs in to the laptop the very same password is shown inside a WordPad document as proof the attack worked.

How To Protect Yourself Against Cold Boot Attacks

As dangerous as they are, cold boot attacks aren't all that hard to defend against. One of the simplest defenses is to trade sleep mode for hibernation. Hibernation does not leave the same digital traces in memory that sleep does which neutralizes the attack. Setting up a pre-boot password on your computer adds yet another layer of protection.

It's important to be prepared no matter what you think the odds are of being victimized by a cold boot attack. “Planning for these events is a better practice than assuming devices cannot be physically compromised by hackers because that’s obviously not the case,” Segerdahl notes.

Let's block ads! (Why?)



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *