This security flaw puts millions of computers at risk for a serious (but unlikely) hack

kltaylor Member, Beta Tester Posts: 1,231
1000 Comments 500 Likes 50 Answers 100 Awesomes

New York (CNN Business)A new report from a Dutch security researcher details a hacking mechanism that targets a common feature on millions of computers: the Thunderbolt port.

Bjorn Ruytenberg, a researcher at Eindhoven University in the Netherlands, identified a security flaw in the Thunderbolt port that could allow a hacker to break into a computer and access all of its data in a matter of minutes, even if the computer's owner has taken security precautions.
"If your computer has such a port, an attacker who gets brief physical access to it can read and copy all your data, even if your drive is encrypted and your computer is locked or set to sleep," Ruytenberg said in the report. He dubbed the hacking technique "Thunderspy."
"Thunderspy is stealth, meaning that you cannot find any traces of the attack," he said. The attack also does not require any engagement on the part of the computer's user, unlike other types of attacks such as phishing.
Developed by Intel (INTC) in 2011, the Thunderbolt port enables fast data transfers. It is present on many PC and Apple laptops and — increasingly — some desktops. Although Intel recently developed a tool to address security concerns with the port, it isn't available on computers manufactured before 2019.
Ruytenberg demonstrated the attack, which took just about five minutes, in a YouTube video published along with the report.

To read the entire article, please click on the Source link above.

"There's a fine line between audacity and idiocy."
-Warden Anastasia Luccio, Captain