There are many ways to get into a person’s sensitive information on their computer, and recently a new cold boot attack has added to the list.

F-Secure (specifically two of their cyber security consultants, Olle Segerdahl and Pasi Saarinen), a cyber security company, recently shone light on a new way to physically hack into computers. Their method affects nearly all modern computers, sparing Macs fitted with T2 chips. Without going into specific details, an attacker gets physical access to a computer, for example a company laptop, manipulates the firmware settings so the contents of the computer’s memory isn’t overwritten upon restoration of power, performs a cold reboot with a USB key, and can get information such as encryption keys, passwords, and other data from the machines.

Luckily, there are easy ways to prevent this attack from affecting you or your company. A few ways you can do so are by keeping systems physically safe, shutting down/hibernating computers (because this attack can only affect computers in sleep mode), and requiring Bitlocker PIN entries upon restoring power to the computer.

If you want to learn more about this topic, you can visit F-Secure’s site here, where they give a report on their findings.

Meet the Author: