Add to favourites
News Local and Global in your language
19th of October 2018

Internet



Current Security Measures Not Enough to Protect Data in Lost or Stolen Laptops, Experts Warn

A weakness in modern computers allows attackers to steal encryption keys and other sensitive information, according to the latest discovery by cybersecurity firm F-Secure. Researchers from the firm are warning PC vendors and users that current security measures are not sufficient to protect data in lost or stolen laptops. Attackers do need physical access to the computer to carry out the exploit, however, F-Secure Principal Security Consultant Olle Segerdahl says once achieved, an adversary can successfully perform the attack in about 5 minutes. From the report: "The weakness allows attackers with physical access to a computer to perform a cold boot attack — an attack that's been known to hackers since 2008. Cold boot attacks involve rebooting a computer without following a proper shutdown process, then recovering data that remains briefly accessible in the RAM after the power is lost. Modern laptops now overwrite RAM specifically to prevent attackers from using cold boot attacks to steal data. However, Segerdahl and his team discovered a way to disable the overwrite process and re-enable the decade-old cold boot attack."

Plan ahead: "A quick response that invalidates access credentials will make stolen laptops less valuable to attackers. IT security and incident response teams should rehearse this scenario and make sure that the company's workforce knows to notify IT immediately if a device is lost or stolen," says Olle. "Planning for these events is a better practice than assuming devices cannot be physically compromised by hackers because that's obviously not the case."

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet Read More




Leave A Comment

More News

TechRadar: Internet news

Latest ITProPortal news

Nouvelles Internet

Dev Pro

TechCrunch » Enterprise

Next INpact – Actualités

PressMyWeb | digital et

Disclaimer and Notice:WorldProNews.com is not the owner of these news or any information published on this site.