Support for Ukraine



Blog Archive



Almost 'all modern computers' affected by cold boot attack

Full Story Blog Post Thursday, September 13, 2018 in Security   View 1 Comment 1 Comment
Security
The attack would allow potential hackers to steal sensitive information stored on your RAM.

Security researchers have discovered a flaw with nearly all modern computers that allow potential hackers to steal sensitive information from your locked devices.

The attack only takes about five minutes to pull off, if the hacker has physical access to the computer, F-Secure principal security consultant Olle Segerdahl said in a statement Thursday. Cold boot attacks can steal data on a computer's RAM, where sensitive information is briefly stored after a forced reboot.

These attacks have been known since 2008, and most computers today have a safety measure where it removes the data stored on RAM to prevent hackers from stealing sensitive information. It's also not a common threat for the average person, since both access to the computer and special tools—like a program on a USB stick—are needed to carry out the attack.

But Segerdahl and researchers from F-Secure said they've found a way to disable that safety measure and extract data using cold boot attacks.

"It takes some extra steps compared to the classic cold boot attack, but it's effective against all the modern laptops we've tested," he said in a statement.

There's no immediate fix available for the new vulnerability, F-Secure said. The cybersecurity company recommends that you configure your laptops to automatically shut down or hibernate instead of having it enter sleep mode when you close your screen.

www.cnet.com