Technology 2 min read

Thunderspy: New Thunderbolt Flaw Enables Stealth Attack on Ports

Nejron Photo / Shutterstock.com

Nejron Photo / Shutterstock.com

A Dutch security researcher, Björn Ruytenberg, recently discovered a critical flaw — Thunderspy — affecting Thunderbolt-equipped computers.

Thunderbolt is the brand name of a hardware interface that allows the connection of external peripherals to a computer. You’ll find this port on tons of Windows, Linux, as well as Apple machines.

One primary feature of Thunderbolt is its incredible speed – up to 40Gbps. To achieve such speed, the interface usually allows direct access to computer memory than other types of ports.

As you may have guessed, the increased exposure to system resources poses a significant security threat.

In 2019, security researchers discovered a series of flaws that they called “Thunderclap.” The vulnerability enabled the planting of malicious components that could bypass security measures.

At the time, the researchers recommended using Thunderbolt security levels to limit system access. Now, a Dutch security researcher Björn Ruytenberg has discovered a new Thunderbolt vulnerability that can bypass those security measures.

The flaw is called “ThunderSpy.”

How ThunderSpy Allows Unauthorized Access to a Computer

ThunderSpy allows a hacker to bypass locks, password-protection, and encryption on ports produced before 2019.

According to Ruytenberg, the attack requires physical access to the computer to carry out the exploit. What’s more, the security researcher described this category of attack as “the evil maid.

He explained:

“All the evil maid needs to do is unscrew the backplate, attach a device momentarily, reprogram the firmware, reattach the backplate, and the evil maid gets full access to the laptop.”

The whole process could take as little as five minutes, and leave zero evidence of physical of digital tampering. Furthermore, it only requires about $400 worth of equipment, says Ruytenberg.

Since there’s no software patch for the attack, the security researcher recommends the following:

  • Never leave your system unattended while powered on
  • Connect only your Thunderbolt peripherals
  • Never leave your Thunderbolt peripherals unattended.
  • Consider using hibernation or powering down your system.
  • Avoid using sleep mode

Also, you must ensure physical security when storing your computer as well as Thunderbolt devices, including Thunderbolt displays.

All Windows and Linux computers with Thunderbolt ports are vulnerable to the attack. However, Apple computers remain safe.

Read More: How AI Will Improve Cybersecurity in 2020

First AI Web Content Optimization Platform Just for Writers

Found this article interesting?

Let Sumbo Bello know how much you appreciate this article by clicking the heart icon and by sharing this article on social media.


Profile Image

Sumbo Bello

Sumbo Bello is a creative writer who enjoys creating data-driven content for news sites. In his spare time, he plays basketball and listens to Coldplay.

Comments (0)
Most Recent most recent
You
share Scroll to top

Link Copied Successfully

Sign in

Sign in to access your personalized homepage, follow authors and topics you love, and clap for stories that matter to you.

Sign in with Google Sign in with Facebook

By using our site you agree to our privacy policy.