Thunderspy Attack Affects all Computers with Thunderbolt Released in the Past Decade
A slew of seven vulnerabilities identified in the Thunderbolt port allow an attacker with physical access to the device to bypass all security, no matter the platform. It affects all laptops and computers built since 2011.
The vulnerabilities, known collectively as ThunderSpy, were identified by security researcher BjÃ¶rn Ruytenberg, an MSc student in Computer Science and Engineering.
These are not your average hardware vulnerabilities, as they require considerable knowledge and some additional hardware. But once an attacker has all the software and hardware tools, any computer that features the Thunderbird port and was built in the past nine years can be compromised, even if it runs Windows, Linux, or MacOS.
“Thunderspy is stealth, meaning that you cannot find any traces of the attack,” says the researcher. “It does not require your involvement, i.e., there is no phishing link or malicious piece of hardware that the attacker tricks you into using.”
“Thunderspy works even if you follow best security practices by locking or suspending your computer when leaving briefly, and if your system administrator has set up the device with Secure Boot, strong BIOS and operating system account passwords, and enabled full disk encryption. All the attacker needs is 5 minutes alone with the computer, a screwdriver, and some easily portable hardware.”
This attack is not only theoretically possible — Ruytenberg developed nine scenarios in which bad actors could exploit these vulnerabilities. There”s even a short video underlying how the security of a Windows system is bypassed.
Both Intel and Apple (Thunderbolt developer) were informed of the vulnerabilities. Intel said it was already aware of some of them, and Apple chose to do nothing about it because macOS was only partially vulnerable.
Intel notified a number of affected partners, and Apple simply said: “Some of the hardware security features you outlined are only available when users run macOS. If users are concerned about any of the issues in your paper, we recommend that they use macOS.”
The researcher also released a tool that tells people if their hardware is affected by the vulnerability, and made it available on his website.
The Holiday Guide to Tech Support: Fixing the Family Computer
November 24, 2021
Bitdefender Celebrates 20 Years of Cybersecurity Leadership
November 04, 2021
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
October 26, 2021
What are drive-by download attacks and how do you prevent them?
October 25, 2021
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks
October 22, 2021
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals
October 20, 2021