Thunderbolt flaws may leave PCs vulnerable to physical hacks
All attackers need is five minutes alone with your computer, warns a security researcher.
Millions of computers made before 2019 are said to be vulnerable to physical attacks that take aim at a common component: the Thunderbolt port. Security researcher Bjorn Ruytenberg on Sunday revealed the so-called Thunderspy attack, which lets hackers read and copy data on a PC, even if it's locked or asleep, in just a few minutes.
Ruytenberg said seven vulnerabilities were uncovered in Intel's Thunderbolt design. The flaws make it possible for someone with "5 minutes alone with the computer, a screwdriver, and some easily portable hardware" to bypass security measures in order to steal data from encrypted drives and memory, according to Ruytenberg.
Thunderbolt, embraced first by Apple in 2011 and later by some Windows PC makers, has proved popular in high-end computing situations demanding a multipurpose connector. A single Thunderbolt port can link to external monitors, network adapters, storage systems and more.
In a blog post on Sunday, Intel said Thunderspy-type of attacks were mitigated with the implementation of Kernel Direct Memory Access (DMA) Protection. However the security feature isn't available in computers made before 2019. Intel also encouraged people to only use trusted peripherals and to prevent unauthorized physical access to computers.
See also: Dumping passwords can improve your security -- really