The issue with the reality, is that sooner or later reaches us. Now a new and troubling discovery made by specialists of the way of cyber security F-Secure has brought to light a flaw in the firmware of almost all the laptops that are modern, regardless of whether they are PC or Mac.
According to a report by Tech Crunch, the bug in the firmware allows hackers to steal access codes to the RAM to force a shutdown when they have access to the equipment of physical shape. This method is known as attack of cold start and allows robaríamos and information in a matter of minutes with just the use of specialized hardware.
The only good news is that these attacks can be performed only with the physical computer, that is to say that the vulnerability cannot be exploited remotely, although it is sufficient that a cybercriminal in contact for five minutes with a computer to access sensitive data.
The attack is possible because the RAM of a computer is empty of data when it is turned off, but to force a shutdown of the device in a different way to the process of shutdown common prevents this memory is released, so that the data stored therein during operation of the device will still be there after you lose the energy.
After turning off the computer, the information contained in the memory RAM can be extracted using software loaded on any portable storage device, such as a USB, which gives access to networks and servers connected to the computer, in addition to their data. Enough five minutes of leaving the computer unattended for an expert to perform the maneuver.
According to Olle Segerdhal, principal security adviser for F-Secure, which is difficult to prevent this type of attacks because the companies that use these computers are not prepared to stop threats that involve physical contact with the computers.
According to the news agency Europa Press, the advisors of F-Secure have put to large companies such as Intel, Microsoft and Apple-to-date and recommend to these firms methods to be prepared in case of gap, between which are configured to hibernate instead of entering sleep mode every time you are stopped, to prepare workers and alert them on the necessity of having prepared plans of action that might invalidate the credentials for access in case of a violation.
Coolest-hacks.com and Partners.