A threat actor with just five minutes of direct access to a computer’s Thunderbolt port can steal encrypted data and clean out the device’s system memory due to seven specific security lapses in the Intel-developed port.
The vulnerabilities, named Thunderspy, were brought to light by Björn Ruytenberg, a graduate student at the Eindhoven University of Technology in the Netherlands, who reported a threat actor would need direct access to the device to implement the hack, but it would only take about five minutes to accomplish the task.
Thunderspy is particularly dangerous as it is capable of bypassing most of a Thunderbolt port’s security measures and by the fact an attack leaves no trace behind. All three versions of Thunderbolt are affected by the Thunderspy vulnerabilities with only systems shipping Kernel DMA Protection mitigate some, but not all, of the vulnerabilities. However, 0nly systems that began shipping since 2019 come with Kernel DMA Protection.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.