Security researchers have discovered and documented a new variant of a cold boot attack, which allows bad actors to get passwords and data in just minutes.
F-Secure shared this video, which speaks for itself:
Researchers say hackers need physical access to the laptop, but if they get it, attackers can be looking at data on the laptop in about five minutes.
“Typically, organizations aren’t prepared to protect themselves from an attacker that has physical possession of a company computer. And when you have a security issue found in devices from major PC vendors, like the weakness my team has learned to exploit, you need to assume that a lot of companies have a weak link in their security that they’re not fully aware of or prepared to deal with,” says researcher Olle Segerdahl.
How to guard against cold boot attack
He points out there is no real way to stop the actual cold boot attack if motivated hackers get a device.
However, he says there are crucial steps InfoSec teams can take to minimize the impact of a cold boot attack.
- Encrypt the hard drive with something like BitLocker
- Configure computers to either shut down or hibernate but keep them from entering sleep mode
- Require users to enter a BitLocker pin when they power up their computers
