A failure allows access to computers with Thunderbolt even if they have a password

• Security: Why you shouldn't open the links that reach you in a message
• Phishing: Beware of orders: this is how cybercriminals take advantage of home delivery

Björn Ruytenberg, a researcher at Eindhoven University of Technology, has discovered seven vulnerabilities in Thunderbolt ports that can be exploited to attack any Windows or Linux machine (macOS is not affected) manufactured before 2019 and without trace, although it needs access physical to the device.

The technique, which he has called Thunderspy, can bypass the blocking screen and even encryption in a matter of minutes. In some cases, yes, you would need to remove the computer case with a screwdriver, so it is not so easy to carry out the attack without raising suspicions.

The problem is that after accessing the computer, there would be no evidence of the attack and, in addition, there is no way to solve the failure using software. Therefore, the only way to protect yourself would be to disable the port or never leave the computer.

"If your computer has one of these ports, an attacker who has access to it can briefly read and copy all your data, even if the disk is encrypted and your computer is locked," he explains on his website.

Also, unlike phishing or malware attacks, you don't need user 'help' to download a malicious program or follow a link. Common sense, passwords, locks, and encryption - the measures recommended by security experts - can't do anything against Thunderspy. "All the attacker needs is five minutes with the computer, a screwdriver and easy-to-carry hardware."

To find out if a computer is affected by the vulnerability, it is possible to download a program developed by these researchers or simply look at the USB-C or MiniDisplay port: if it has the Thunderbolt logo (lightning), the computer is exposed to a attack using Thuderspy. If it is after 2019, yes, it could support Kernel DMA protection that would mitigate the scope of a possible attack.

What can I do to protect myself?

The researcher presents two scenarios to protect himself. In the strictest it directly recommends to stop using Thunderbolt and disable the port (in principle, they explain, it could be used to load, but not for the other functions).

In the case of not being able -or not wanting- to renounce the port, the recommendation is to connect only our own peripherals and never leave them to another person (could replace or modify them), never leave the equipment unattended if it is turned on (even if it is blocked the screen with password) and also do not stop paying attention to the peripherals. The safest thing will be to turn it off or leave it to hibernate.

In accordance with the criteria of The Trust Project

• Microsoft
• Stay at home

TricksHow to take advantage of the days at home to tune up your mobile

Tips Be careful with orders: this is how cybercriminals take advantage of home delivery

Technology Why WhatsApp has no advertising (yet)