Thunderbolt port flaw makes PC to physical hacks

Google

According to the security researcher who identified this vulnerability, attackers need only five minutes alone with a computer to exploit it.

What is a Thunderbolt Port on a PC

[ads id="ads1"]
Millions of computers manufactured before 2019 would be vulnerable to a physical attack on the Thunderbolt port. Security researcher Bjorn Ruytenberg presented earlier this week the so-called «Thunderspy» attack, which allows hackers to read and copy data from a PC, even if it is locked or on standby, in just a few minutes.

PC Motherboard with Thunderbolt 3

The expert says he discovered seven vulnerabilities in the design of Intel’s Thunderbolt. According to him, these flaws allow someone who has “5 minutes alone with the computer, a  and easily transportable hardware” to bypass security measures in order to steal data from encrypted drives and memory.

The Thunderbolt appeared on Mac then on PC

[ads id="ads2"]
Thunderbolt connectivity allows the use of Displayport and PCI Express protocols in the same interface. Developed by Intel, it was first adopted by Apple in 2011 on the Macbook Pro, then by some Windows PC manufacturers. A single Thunderbolt port can connect to external monitors, network adapters, storage systems and much more.

In a Sunday blog post, Intel said:-Thunderspy-type attacks have been mitigated through the implementation of the kernel’s Direct Memory Access (DMA) protection. However, this security feature is not available on computers manufactured before 2019. Intel also encouraged people to use only trusted devices and prevent unauthorized physical access to computers.
full-width
contact-form