CISObyte 05-12-2020
It’s not news that any device left unattended with a hacker should be considered compromised. Learn what steps you can take to mitigate a few, but not all, of the vulnerabilities.
“All the attacker needs is 5 minutes alone with the computer, a screwdriver, and some easily portable hardware.”
“Thunderspy targets devices with a Thunderbolt port. If your computer has such a port, an attacker who gets brief physical access to it can read and copy all your data, even if your drive is encrypted and your computer is locked or set to sleep.”
“Intel has not shared why they have chosen not to inform the general public of these issues before.”
Are you affected? “All Thunderbolt-equipped systems shipped between 2011-2020 are vulnerable.” “Systems that exclusively provide USB-C ports are not affected.”
This should already be in your company's portable device policy: make sure your device goes where you go, and never leave it unattended when unsecured.

Thunderspy – When Lightning Strikes Thrice: Breaking Thunderbolt 3 Security