2 min read

Thunderspy Attack Affects all Computers with Thunderbolt Released in the Past Decade

Silviu STAHIE

May 12, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Thunderspy Attack Affects all Computers with Thunderbolt Released in the Past Decade

A slew of seven vulnerabilities identified in the Thunderbolt port allow an attacker with physical access to the device to bypass all security, no matter the platform. It affects all laptops and computers built since 2011.

The vulnerabilities, known collectively as ThunderSpy, were identified by security researcher Björn Ruytenberg, an MSc student in Computer Science and Engineering.

These are not your average hardware vulnerabilities, as they require considerable knowledge and some additional hardware. But once an attacker has all the software and hardware tools, any computer that features the Thunderbird port and was built in the past nine years can be compromised, even if it runs Windows, Linux, or MacOS.

“Thunderspy is stealth, meaning that you cannot find any traces of the attack,” says the researcher. “It does not require your involvement, i.e., there is no phishing link or malicious piece of hardware that the attacker tricks you into using.”

“Thunderspy works even if you follow best security practices by locking or suspending your computer when leaving briefly, and if your system administrator has set up the device with Secure Boot, strong BIOS and operating system account passwords, and enabled full disk encryption. All the attacker needs is 5 minutes alone with the computer, a screwdriver, and some easily portable hardware.”

This attack is not only theoretically possible — Ruytenberg developed nine scenarios in which bad actors could exploit these vulnerabilities. There”s even a short video underlying how the security of a Windows system is bypassed.

Both Intel and Apple (Thunderbolt developer) were informed of the vulnerabilities. Intel said it was already aware of some of them, and Apple chose to do nothing about it because macOS was only partially vulnerable.

Intel notified a number of affected partners, and Apple simply said: “Some of the hardware security features you outlined are only available when users run macOS. If users are concerned about any of the issues in your paper, we recommend that they use macOS.”

The researcher also released a tool that tells people if their hardware is affected by the vulnerability, and made it available on his website.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Chrome 96 Gets 22 More Security Fixes with New Incremental Update Chrome 96 Gets 22 More Security Fixes with New Incremental Update
Filip TRUȚĂ

December 08, 2021

1 min read
Most Employees Believe Passwords Affect Their Productivity, Research Finds Most Employees Believe Passwords Affect Their Productivity, Research Finds
Silviu STAHIE

December 06, 2021

1 min read
US State Department iPhones Infected with Pegasus Spyware – Report US State Department iPhones Infected with Pegasus Spyware – Report
Filip TRUȚĂ

December 06, 2021

2 min read