Security researchers have found a way to corrupt the firmware of a critical component usually found in servers to turn the systems into an unbootable hardware assembly. The recovery procedure requires physical intervention to replace the malicious firmware. Achieving this is done via regular tools used to keep the baseboard management controller (BMC) up to date.
Although deploying the malicious BMC update is possible from a remote location, the destructive step represents the final stage of an attack, so initial access to the target is needed. Using the host-based interface known as the Keyboard Controller Style (KCS), researchers from Eclypsium were able to pass a malicious firmware image to the computer’s BMC.
Super Micro has found no evidence of malicious microchips on its motherboards, according to a statement by the company that was released to customers. The audit of Super Micro hardware comes on the heels of a scandalous report that Chinese spies had allegedly installed secret microchips on motherboards that were used in servers operated by giant tech companies like Apple and government agencies like the CIA.
The bizarre report, published by Bloomberg Businessweek this past October after a year-long investigation, alleged that Chinese spies were able to spy on sensitive American servers, but the article was met with immediate and aggressive push-back by the companies involved.
Read more about the findings of the Super Micro audit on Gizmodo.
Academics from the Vrije University in Amsterdam, Holland, have published a research paper describing a new variation of the Rowhammer attack. Rowhammer is the name of a class of exploits that takes advantage of a hardware design flaw in modern memory cards.
A memory card stores temporary data inside storage units named cells, which are arranged on the physical chip in multiple rows, forming a grid. In 2014, researchers discovered that by reading data stored on one row repeatedly, they could create an electrical field that would alter data stored on nearby memory rows, causing either data corruption, or manipulating data in malicious ways. In new research, named ECCploit, academics expanded the previous Rowhammer techniques with a new variation.
Read more about the new version of the rowhammer attack on ZDNet.
Computer scientists at the University of California, Riverside have revealed for the first time how easily attackers can use a computer’s graphics processing unit, or GPU, to spy on web activity, steal passwords, and break into cloud-based applications.
The researchers reverse engineered a Nvidia GPU to demonstrate three attacks on both graphics and computational stacks, as well as across them. All three attacks require the victim to first acquire a malicious program embedded in a downloaded app. The program is designed to spy on the victim’s computer.
Researchers at Radboud University in the Netherlands have revealed today vulnerabilities in some solid-state drives (SSDs) that allow an attacker to bypass the disk encryption feature and access the local data without knowing the user-chosen disk encryption password.
The vulnerabilities only affect SSD models that support hardware-based encryption, where the disk encryption operations are carried out via a local built-in chip, separate from the main CPU. Such devices are also known as self-encrypting drives (SEDs) and have become popular in recent years after software-level full disk encryption was proven vulnerable to attacks where intruders would steal the encryption password from the computer’s RAM.
Read more about the uncovered flaws in self-encrypting SSDs on ZDNet.
Intel processors are impacted by a new vulnerability that can allow attackers to leak encrypted data from the CPU’s internal processes. The new vulnerability, which has received the codename of PortSmash, has been discovered by a team of five academics from different universities.
Researchers have classified PortSmash as a side-channel attack, which describes a technique used for leaking encrypted data from a computer’s memory or CPU that works by recording and analyzing discrepancies in operation times, power consumption, electromagnetic leaks, or even sound to gain additional info that may help break encryption algorithms and recovering the CPU’s processed data.
Read more about the PortSmash side-channel vulnerability on ZDNet.
For most organizations, it’s time to put modern hardware threats into perspective. This year has had its share of hardware scares. We kicked off 2018 with the Spectre and Meltdown attacks; most recently, a Bloomberg BusinessWeek report detailed how Chinese plants implanted network monitoring and control chips on motherboards made for Supermicro.
Hardware technology – and, consequently, hardware attacks – have come a long way as devices have grown smaller, faster, cheaper, and more complex. Attacks that used to cost thousands of dollars can be done for a few hundred bucks or less. Now people panic when a report describes an implant the size of a grain of rice, one which is allegedly everywhere but nobody can find it.
Read how to fit hardware threats into your security model as hardware becomes smaller, faster, cheaper, and more complex on DarkReading.
Google’s Titan security keys are now available in the Google Store for businesses and individuals. If Google gets its way, the Titan keys, which come in USB and Bluetooth form factors, will be the new standard in two-factor account protection.
Authentication keys are nothing new, nor is the FIDO authentication framework that Google has built Titan around. What is new is a company as big as Google marketing and selling its own hardware key. With as large a market as Google has, the Titan could be the hardware key that finally replaces vulnerable two-factor authentication (2FA) methods.
Read more about Google’s Titan security keys, and learn how to get and use them for your organization, on TechRepublic.
Since the Spectre and Meltdown vulnerabilities knocked the glow off of the new year, 2018 has been the year of the CPU bug. Security researchers have been working in overdrive examining processors for design flaws, firmware bugs, and other vulnerabilities that put an entire computing architecture at risk. They haven’t come up empty-handed.
Read about the most important processor vulnerabilities we’ve had to contend with this year on DarkReading.
Another group of researchers has demonstrated that hard disk drives (HDDs) can be interfered with through sound waves, but they’ve also shown that ultrasonic signals (i.e., sounds inaudible to the human ear) can be used to damage their integrity and availability.
HDDs are non-volatile data storage devices that store and retrieve digital information by using rapidly rotating disks coated with magnetic material and magnetic heads that read and write data to the disks’ surfaces. They are usually found in personal computers, cloud servers, consumer electronics, CCTV systems, medical monitors, ATMs, and so on. Late last year, a group of researchers from Princeton and Purdue University demonstrated a new denial-of-service (DoS) attack against HDDs, which exploited a physical phenomenon known as acoustic resonance.
Read more about the ultrasonic attack technique that can be used to damage the integrity and availability of hard disk drives on Help Net Security.