F-Secure has recently discovered and reported a new vulnerability for Windows as well as Mac OS based laptops. This vulnerability will allow hackers to steal encryption keys and other sensitive data when your computer is in Sleep mode. And there is no real way to save your computer from this theft.
The computer is vulnerable when in Sleep mode
Olle Segerdahl, the Principal Security Consultant at F-Secure, said in a statement said that the attacker would need physical access to the device to make an attack. But the main concerning factor is that to exploit this vulnerability, the attacker would need only 5 minutes at max.
He also said that the organizations are not yet prepared to protect themselves. This raises the topic about the well known Cold Boot Attacks.
The team at F-Secure mentioned that-
The two experts figured out a way to disable this overwrite feature by physically manipulating the computer’s hardware. Using a simple tool, Olle and Pasi learned how to rewrite the non-volatile memory chip that contains these settings, disable memory overwriting, and enable booting from external devices. Cold boot attacks can then be carried out by booting a special program off a USB stick.
These Cold Boot Attacks are not new. They were first developed in 2008 by a research group. They discovered that when a machine goes in the cold boot state due to incomplete or abnormal shut down or reboot, some of the information is still left in the RAM and hence this information can easily be accessed by these hackers when they are physically able to access that targetted device.
While talking about making devices immune to these attacks, the security researchers at F-Secure highlighted the following measures:
They also said that Macs that are equipped with the Apple T2 chip are somewhat immune to the attacks like these as well.
A majority of manufacturers are affected by this vulnerability. If you are reading this on your laptop, it might even be vulnerable. They have notified brands like Microsoft, Dell, Apple and others about this vulnerability and we expect that a fix will be coming soon for the devices.
You can read the full details on f-secure.com.