Millions of PCs Might Be Vulnerable to 'Thunderspy' Attack

Researcher bypasses password using a Thunderbolt 3 security flaw

If you have a system with USB-C ports, you might want to check if it's vulnerable to this novel, physical attack.

Hacker in hoodie holding a laptop in front of giant digital display screen\
Bill Hinton / Getty Images

Millions of PCs using Intel's Thunderbolt 3 connectivity technology might be vulnerable to a physical attack that could lay bare all their system data.

The details: According to a report in Wired, Eindhoven University of Technology researcher Björn Ruytenberg discovered a flaw in the Thunderbolt 3 security architecture that allowed him to bypass the password and even data encryption to take full control of a PC. He calls the attack "Thunderspy," and this flaw could apply to millions of PCs built between 2105 (when Thunderbolt 3 was introduced) and 2019.

It's not that simple: As Ruytenberg demonstrated in his YouTube video, the hacker needs physical access to your PC, has to partially dismantle it by removing the back plate, and then use hundreds of dollars of custom-built hardware to reprogram the Intel Thunderbolt and gain access to the PC.

Intel insight: Ruytenberg told Intel about the flaw three months ago. While acknowledging that this is a novel physical hack, Intel said in a blog post that the security flaw was patched in an operating system update last year.

What can you do: Ruytenberg developed a tool that you can run on your PC to see if its still vulnerable to a Thunderspy attack. Intel recommends that you use only trusted peripherals and do what you can to prevent unauthorized access to your PC.

Bottom line: While this attack is unlikely to happen while your PC is in your possession, many of us leave systems unattended in offices and hotel rooms. This is a good reminder to keep an eye on your PC and not assume that, even with security precautions in place, they are invulnerable.

Via: Wired

Learn More About Security