Many people assume that if they use full disk encryption on their laptops, the information is going to stay safe. Even if the device falls into the wrong hands.

But two F-Secure security consultants sent chills down the spines of CISOs, PC vendors and the security community a few weeks ago when they revealed a flaw in modern computers that exposes them to cold boot attacks.

Here’s F-Secure’s Olle Segerdahl and Pasi Saarinen exploiting the flaw during a live demonstration at SEC-T in Sweden.

You can read this blog post or listen to this podcast to get all the details. But according to Olle and Pasi, the key takeaway is that sleeping computers shouldn’t be treated as if they’re secure.

“Sleep mode is vulnerable mode,” is Olle’s advice.

When a computer goes to sleep, information stays in the random-access memory (RAM), including sensitive information like encryption keys. A successful cold boot attack could see an adversary extract this information from a sleeping computer. Once an attacker has encryption keys, it’s only a matter of time until they hack their way into the device. And for many organizations, this puts information like account credentials at risk, giving attackers the keys to the proverbial kingdom.

Hibernation + pre-boot authentication is the best protection against cold boot attacks.

According to Olle and Pasi, the best defense against this is to configure devices to require pre-boot authentication (entering a password or PIN to decrypt the device’s hard drive before the operating system loads), and then fully power down devices when you’re not using them. No keys in memory to steal!

Companies should implement this advice by configuring their computers to hibernate after a period of inactivity and require the pre-boot password or PIN to be entered when starting the device. Microsoft has provided updated guidance on this issue here.
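
One way to check a Windows laptop against the hibernate-plus-pre-boot-authentication advice in this post. This is an added example, not code from F-Secure or Microsoft; it assumes BitLocker is the disk encryption in use (the post does not name a product), English-language `powercfg` output, and an illustrative 30-minute hibernate threshold.

```powershell
# Added example: read-only audit; run elevated on Windows with the BitLocker module.
# Assumptions: English powercfg output; 30 minutes is an illustrative threshold.
$maxHibernateMinutes = 30

function Get-IdleSeconds {
    param([string]$Setting, [string]$Source)   # $Source is 'AC' or 'DC'
    # powercfg prints e.g. "Current AC Power Setting Index: 0x00000708" (hex seconds)
    $hit = powercfg /query SCHEME_CURRENT SUB_SLEEP $Setting |
        Select-String "Current $Source Power Setting Index:\s+0x([0-9a-f]+)"
    if (-not $hit) { return $null }
    [Convert]::ToInt32($hit.Matches[0].Groups[1].Value, 16)
}

$findings = @()
foreach ($src in 'AC', 'DC') {
    $sleep = Get-IdleSeconds -Setting STANDBYIDLE   -Source $src
    $hib   = Get-IdleSeconds -Setting HIBERNATEIDLE -Source $src
    if ($null -eq $sleep -or $null -eq $hib) {
        $findings += "[$src] could not read sleep/hibernate timeouts (is hibernation enabled?)"
        continue
    }
    # A value of 0 means "never".
    if ($sleep -ne 0) {
        $findings += "[$src] device sleeps after $sleep s; keys stay in RAM while asleep"
    }
    if ($hib -eq 0 -or $hib -gt $maxHibernateMinutes * 60) {
        $findings += "[$src] hibernate timeout is $hib s; expected 1..$($maxHibernateMinutes * 60)"
    }
}

# Pre-boot authentication: the OS volume needs a protector that asks for a PIN or password.
$vol   = Get-BitLockerVolume -MountPoint $env:SystemDrive
$types = @($vol.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })
if ("$($vol.ProtectionStatus)" -ne 'On') {
    $findings += "BitLocker protection is not on for $env:SystemDrive"
} elseif (-not ($types | Where-Object { $_ -in 'TpmPin', 'TpmPinStartupKey', 'Password' })) {
    $findings += "No PIN/password protector on $env:SystemDrive (found: $($types -join ', '))"
}

if ($findings) { $findings | ForEach-Object { Write-Warning $_ } }
else { Write-Output 'OK: hibernates after inactivity and requires pre-boot PIN/password' }
```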