Two security researchers have developed a method that bypasses the firmware mitigation against cold boot attacks on laptops. An attacker with physical access can compromise a laptop that is in sleep mode, potentially recovering sensitive information such as passwords, encryption keys and other personal data.
The implications are broad: the attack works on laptops of any make and brand produced in the last decade, including models from HP, Dell, Apple and Lenovo, and it succeeds even when the device uses full disk encryption.
Cold boot attacks were devised almost a decade ago by researchers who found that data in RAM survives for a short time after a machine is shut down or rebooted, long enough for an attacker to power-cycle the platform and quickly boot into a program that dumps the contents of memory. Encryption keys and other secrets held in RAM can therefore be exposed.
In response, the Trusted Computing Group (TCG) issued a fix that has since been implemented across machines and platforms: during reboot, the BIOS simply overwrites system memory with data unrelated to any secrets it may have held.
Segerdahl and his fellow F-Secure cybersecurity consultant Pasi Saarinen have now found a way to disable this overwrite feature entirely, using a hardware-based attack that rewrites the flash chip holding the firmware settings. This clears the way for a cold boot attack carried out by booting a purpose-built program from a USB stick.
The bypass attack, according to Segerdahl:
“To carry out the attack, an adversary would boot Windows with BitLocker (or steal a powered-on device) and then put the computer to sleep; he or she could then use physical access to set the NVRAM variable ‘MemoryOverwriteRequest’ to zero (the NVRAM ‘BootOrder’ variable can also be modified here to allow booting from external media, if necessary).”
After a machine reset, the attacker boots from external media and uses crafted software to scan the device’s memory for the BitLocker key. Carrying this out requires a special tool for the physical access step, “which is basically any microcontroller – which can be used to interface to the SPI flash chip [using an SOIC-8 ‘chip-clip’ on the target motherboard],” Segerdahl told us. “We used an Arduino Nano that we built from scratch to rewrite the NVRAM.”
Using this technique, any modern device using BitLocker can be unlocked by extracting its AES keys from RAM, Segerdahl noted; he added that even a device configured with pre-boot authentication is vulnerable if it is found powered on or in a sleep state.
“The obvious target is disk encryption keys since these give access to all information stored on the protected volume,” he said. “You can of course steal passwords from memory, but more likely you will be able to steal passwords and VPN credentials from the encrypted disk or plant a backdoor on the encrypted disk that allows you to log in and use the machine (including any configured VPN connections).”
Companies, meanwhile, can configure laptops “so that an attacker using a cold-boot attack won’t find anything to steal,” he said. Mainly this is done by IT, which can configure all company computers to either shut down or hibernate (rather than enter sleep mode) and require users to enter their BitLocker PIN whenever they power up or restore their computers.
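One way to audit a Windows laptop for exactly that configuration, as an added example written for this page rather than code from F-Secure or the article: it uses the built-in BitLocker cmdlets and `powercfg` to check that sleep states S1-S3 are unavailable, that hibernate is enabled, and that a TPM+PIN protector is both enforced by policy and present on the operating system volume. It assumes Windows 10 or later with the BitLocker PowerShell module installed, policy applied through the standard `HKLM\SOFTWARE\Policies\Microsoft\FVE` location, and English-language `powercfg` output; the function and finding names are this example's own.

```powershell
# Added example (not from the article or from F-Secure): audit the mitigations
# Segerdahl describes: no sleep (hibernate or shut down instead) and a BitLocker
# PIN required at power-on. Run in an elevated PowerShell on the machine.

function Get-SleepStateStatus {
    # 'powercfg /a' lists usable sleep states first, then a "not available"
    # section; only the lines before that heading count as available.
    $available = @()
    foreach ($line in (powercfg /a)) {
        if ($line -match 'not available') { break }
        if ($line -match '^\s+(Standby \(S[1-3]\)|Standby \(S0 Low Power Idle\)|Hybrid Sleep|Hibernate|Fast Startup)') {
            $available += $Matches[1]
        }
    }
    # Any S1-S3 standby (or hybrid sleep, which also keeps RAM powered) leaves
    # keys in memory, which is the state the cold boot attack needs.
    $ramStaysPowered = $available | Where-Object { $_ -like 'Standby (S[1-3])' -or $_ -eq 'Hybrid Sleep' }
    [pscustomobject]@{
        AvailableStates  = ($available -join ', ')
        SleepAvailable   = [bool]$ramStaysPowered
        HibernateEnabled = ('Hibernate' -in $available)
    }
}

function Get-BitLockerPinPolicy {
    # UseAdvancedStartup=1 turns on "Require additional authentication at startup";
    # UseTPMPIN: 0 = do not allow, 1 = require, 2 = allow (Microsoft FVE policy values).
    $p = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\FVE' -ErrorAction SilentlyContinue
    [pscustomobject]@{
        AdvancedStartup = [int]$p.UseAdvancedStartup
        UseTPMPIN       = if ($null -eq $p.UseTPMPIN) { 'not set' } else { [int]$p.UseTPMPIN }
        PinEnforced     = ($p.UseAdvancedStartup -eq 1 -and $p.UseTPMPIN -eq 1)
    }
}

function Get-BitLockerPinStatus {
    # One object per OS volume: is protection on, and is a TpmPin or
    # TpmPinStartupKey protector configured (i.e. a PIN is asked for at boot)?
    if (-not (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue)) { return }
    Get-BitLockerVolume | Where-Object { $_.VolumeType -eq 'OperatingSystem' } | ForEach-Object {
        $types = @($_.KeyProtector | ForEach-Object { $_.KeyProtectorType })
        [pscustomobject]@{
            MountPoint       = $_.MountPoint
            ProtectionStatus = $_.ProtectionStatus
            KeyProtectors    = ($types -join ',')
            PinRequired      = [bool]($types -match '^TpmPin')
        }
    }
}

function New-Finding([string]$Check, [bool]$Pass, [string]$Detail) {
    [pscustomobject]@{ Check = $Check; Result = $(if ($Pass) { 'PASS' } else { 'FAIL' }); Detail = $Detail }
}

function Invoke-ColdBootHardeningAudit {
    $sleep  = Get-SleepStateStatus
    $policy = Get-BitLockerPinPolicy
    $vols   = @(Get-BitLockerPinStatus)

    $findings = @(
        (New-Finding 'No S1-S3 sleep available (hibernate or shut down only)' (-not $sleep.SleepAvailable) "available: $($sleep.AvailableStates)"),
        (New-Finding 'Hibernate enabled' $sleep.HibernateEnabled 'enable with: powercfg /hibernate on'),
        (New-Finding 'Policy requires TPM+PIN at startup' $policy.PinEnforced "UseAdvancedStartup=$($policy.AdvancedStartup) UseTPMPIN=$($policy.UseTPMPIN)")
    )
    if ($vols.Count -eq 0) {
        $findings += New-Finding 'BitLocker OS volume found' $false 'BitLocker module or OS volume not present'
    }
    foreach ($v in $vols) {
        $pass = $v.PinRequired -and ($v.ProtectionStatus -eq 'On')
        $findings += New-Finding "OS volume $($v.MountPoint) protected with a PIN protector" $pass "protection=$($v.ProtectionStatus) protectors=$($v.KeyProtectors)"
    }
    $findings | Format-Table -AutoSize | Out-String | Write-Host
    return $findings
}

$report = Invoke-ColdBootHardeningAudit
```

The audit only reports; remediation is a matter of policy (the "Require additional authentication at startup" and power settings policies, plus `powercfg /hibernate on`), and a machine that passes all four checks holds no BitLocker key in RAM while unattended, which is the condition Segerdahl describes as leaving the attacker nothing to steal.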
In any case, leaving your machines unattended is never a good idea.