Do you think having a strong password in your PC’s login screen can stop hackers from accessing it? If you have thunderbolt port in your PC then you should think otherwise. It may take only five minutes to get access to your PC courtesy of a new flaw in Intel’s thunderbolt interface.
Eindhoven University of Technology researcher Björn Ruytenberg has revealed new flaws in Intel’s thunderbolt interface. He has shown an attack method which he calls Thunderspy. Though this method one needs physical access to a computer to exploit the flaws. Even if the laptop is locked, password-protected, or has an encrypted hard drive, the hacker can gain access to all data in just five minutes.
Nowadays thunderbolt is common in high-end Windows laptop and all the new Apple Macbooks have a thunderbolt port. Intel’s Thunderbolt interface offers direct access to a computer’s memory compared to other ports. And this gives thunderbolt up to 40Gbps transfer speeds.
Security flaws in the thunderbolt interface are nothing new. Last year a security researcher group had disclosed a security flaw called Thunderclap which allowed a hacker with a malicious USB drive to exploit Thunderbolt’s direct memory access and bypassing all of a computer’s security measures.
According to the researchers the flaws cannot be patched in software, and that a hardware redesign will be needed to completely fix the issues. In a blog post, Intel claims that the underlying vulnerability is not new and was addressed in operating system releases last year. According to them, devices that have Kernel Direct Memory Access (DMA) protection can mitigate this attack. But the security researchers say they couldn’t find any Dell machines with the protection applied, and that they could only verify that some HP and Lenovo laptops used it. It should be noted that Apple’s macOS computers are unaffected.