How a charger can hijack your laptop
Increasing Number Of Computers At Risk Through Plug-In Devices: Study
London:27.02.2019
Many modern laptops and an increasing number of desktop computers are much more vulnerable to hacking through common plug-in devices than previously thought, a study has found.
The researchers from the University of Cambridge and Rice University in the US shows that attackers can compromise an unattended machine in a matter of seconds through devices such as chargers and docking stations.
Vulnerabilities were found in computers with Thunderbolt ports running Windows, macOS, Linux and FreeBSD. Many modern laptops and an increasing number of desktops are susceptible.
Researchers exposed the vulnerabilities through Thunderclap, an open-source platform they have created to study the security of computer peripherals and their interactions with operating systems.
It can be plugged into computers using a USB-C port that supports the Thunderbolt interface and allows the researchers to investigate techniques available to attackers. They found that potential attacks could take complete control of the target computer.
In addition to plug-in devices like network and graphics cards, attacks can also be carried out by seemingly innocuous peripherals like chargers and projectors that correctly charge or project video but simultaneously compromise the host machine.
Computer peripherals such as network cards and graphics processing units have direct memory access (DMA), which allows them to bypass operating system security policies.
DMA attacks abusing this access have been widely employed to take control of and extract sensitive data from target machines.
Current systems feature inputoutput memory management units (IOMMUs) which can protect against DMA attacks by restricting memory access to peripherals that perform legitimate functions and only allowing access to non-sensitive regions of memory.
However, IOMMU protection is frequently turned off in many systems and the new research shows that, even when the protection is enabled, it can be compromised.
Companies have begun to implement fixes that address some of the vulnerabilities. However, the research shows solving the general problem remains elusive and that recent developments, such as the rise of hardware interconnects like Thunderbolt 3 that combine power input, video output and peripheral device DMA over the same port, have increased the threat from malicious devices that take control of connected machines. PTI
HACKING THREAT
Increasing Number Of Computers At Risk Through Plug-In Devices: Study
London:27.02.2019
Many modern laptops and an increasing number of desktop computers are much more vulnerable to hacking through common plug-in devices than previously thought, a study has found.
The researchers from the University of Cambridge and Rice University in the US shows that attackers can compromise an unattended machine in a matter of seconds through devices such as chargers and docking stations.
Vulnerabilities were found in computers with Thunderbolt ports running Windows, macOS, Linux and FreeBSD. Many modern laptops and an increasing number of desktops are susceptible.
Researchers exposed the vulnerabilities through Thunderclap, an open-source platform they have created to study the security of computer peripherals and their interactions with operating systems.
It can be plugged into computers using a USB-C port that supports the Thunderbolt interface and allows the researchers to investigate techniques available to attackers. They found that potential attacks could take complete control of the target computer.
In addition to plug-in devices like network and graphics cards, attacks can also be carried out by seemingly innocuous peripherals like chargers and projectors that correctly charge or project video but simultaneously compromise the host machine.
Computer peripherals such as network cards and graphics processing units have direct memory access (DMA), which allows them to bypass operating system security policies.
DMA attacks abusing this access have been widely employed to take control of and extract sensitive data from target machines.
Current systems feature inputoutput memory management units (IOMMUs) which can protect against DMA attacks by restricting memory access to peripherals that perform legitimate functions and only allowing access to non-sensitive regions of memory.
However, IOMMU protection is frequently turned off in many systems and the new research shows that, even when the protection is enabled, it can be compromised.
Companies have begun to implement fixes that address some of the vulnerabilities. However, the research shows solving the general problem remains elusive and that recent developments, such as the rise of hardware interconnects like Thunderbolt 3 that combine power input, video output and peripheral device DMA over the same port, have increased the threat from malicious devices that take control of connected machines. PTI
HACKING THREAT
No comments:
Post a Comment