F-Secure Research Finds New Malware Threat for Hackers to Access Encrypted Data
A New Malware Threatening to Give Hackers Access to Even Encrypted Data
Computers running on Mac and Windows are facing a new threat. A new firmware exploit has been developed that is capable of retrieving data from even powered-off systems that are encrypted. This is according to a security research firm called F-Secure. The firm says that in addition to the exploit getting such access, there is nothing much that software security developers can do to protect existing machines.
Exploit to Target Most Desktops and Laptops
TechCrunch reports that the F-Secure, the security firm from Finland, said that “nearly all” desktops and laptops have been affected apart from the modern Apple machines that are using T2 chip. These modern machines also include BitLocker from Microsoft and FileVault disk encryption from Apple. They have been integrated into the latest operating systems.
This security system operates by preventing machines from overwriting the data in its memory when shutting down. OSes uses a similar security technique to add an extra layer to its system. The memory in this system records and stores important data including passwords and disk encryption keys.
According to F-Secure, developing a kit to carry out such an exploit is very simple once it is conceived. They further said that it would not be a surprise if the exploit is already in the hands of hackers. The firm had already informed Apple, Microsoft and Intel of their findings before they had this information released to the public. The tricky part though is that this malware is designed to work on the manufacturers’ hardware. This means that all firmware that was built without the latest security features will be vulnerable.
Secure Your Computer all the Time
For this exploit to work, just like many others that work at such a basic level, the attacker would require to access your computer. It would thus seem as less dangerous considering that most people assume they have their machine guarded at all times, but this is not the case. Take for instance, conference goers and business travelers. Such clout will meet so many people in different environments providing just enough distractions to let go off your computer and have it in the hands of malicious individuals. It would not take much time to have someone swipe away your computer in a few seconds that you would lose concentration.
If you are one of those digital currency and bitcoin enthusiasts, expect to be a target as many hackers would want to get hold of your valuable data. There are so many creative ways that these people can try to use to get your data. It does not matter how often you use and keep watch of your laptop, the moment it slips off your hands, it could end up with anyone including hackers. This serves as a reminder to always maintain focus and guard your computer everywhere.
Many people who own laptops have a habit of simply closing the machine’s lid instead of shutting it down. Putting your laptop on sleep mode leaves it accessible to anyone who takes control of it. You should now that the password required to wake it up cannot initiate the memory-overwriting process that usually takes place when you shut it down.
Even then, potential attackers are now able to ensure that the process does not take place. The technique from F-Secure is simply at its concept stage now, but has the potential of spreading out very quickly. This spread will happen as more people get into the digital world.
Technology is now a commonplace aspect leading to society’s complacency of its importance. People have lost sense of the damage it can have if the wrong people were to take control. The aspect “Be Your Own Bank” does not sound that attractive considering that you may be walking around with your entire bank balance in a device lighter than a magazine. If you want to be safe, and to avoid your important data from falling in the hands of the wrong people, you better store such devices with your information is a physically secure place. Avoid walking around everywhere carrying such information since you never know when bad luck will strike.