Friday, September 14, 2018

The Cold Boot Attack is Back – Don't Leave Laptops Unattended

Credit: F-Secure
Cybersecurity vendor F-Secure announced today that "nearly all modern computers" are vulnerable to a cold boot attack (via a USB stick) that overrides existing safeguards. This attack can give someone access to laptop firmware and, therefore, encryption keys and other private data...

This vulnerability is particularly worrisome for organizations that regularly handle sensitive information, such as banks or government agencies, because the information gathered from a compromised laptop could let hackers work their way into other systems...

Because the attack requires physical access, it's also hard to know if someone has already discovered and used it. F-Secure characterized the attack as something that a low-level hacker might not discover but that anyone interested in corporate espionage or the like would be very interested in. Organizations have to decide if they want to proceed as if they were affected, which could be costly, or if they'll ignore the issue.

F-Secure advised concerned organizations to require Bitlocker PIN entry when a laptop powers up or restarts, to make sure employees force the laptops to shut down or hibernate instead of going into sleep mode and to keep laptops safe and have a plan for if they go missing. Aside from those steps, however, it's up to the laptop industry to make sure their products aren't susceptible to this modified attack. more

Q.v. USB Stick Warnings