There's no immediate fix available for the new vulnerability, F-Secure said.
When computers are restarted, the motherboard firmware can wipe the RAM clean to remove any lingering data. They claim to have found a firmware vulnerability that can potentially let hackers with physical access to a computer turn off data overwriting.More news: Experts disagree on whether Dallas officer could be credible
The exploit, known as a cold-boot attack, which has been known to hackers since 2008, involves rebooting a computer without initiating a proper shutdown process, then scalping the residual data that briefly sits on the machine's RAM.
"The attack exploits the fact that the firmware settings governing the behaviour of the boot process are not protected against manipulation by a physical attacker", F-Secure wrote in a blog post. Freezing the RAM chips, though, helps preserve the data during this time, allowing booting into a live operating system from a USB stick. But F-Secure Principal Security Consultant Olle Segerdahl says once achieved, an adversary can successfully perform the attack in about 5 minutes. F-Secure's Olle Segerdahl and Pasi Saarinen found a way to rewrite the non-volatile memory chip that contains the security settings, thus disabling memory overwriting.
Segerdahl and Saarinenare are due to present their research at the SEC-T conference in Sweden this week, and at Microsoft's BlueHat v18 in the United States on September 27. And although the researchers have shared their findings with Microsoft, Intel and Apple, mitigations are still a work in progress.More news: Razer Phone 2 Image Digest
Interestingly, the vulnerability can not be fixed easily, and according to F-Secure, companies should be ready to deal with such attacks.
Their attack works on computers in sleep mode, since shut down and hibernation actions cut off the power, and cause the residual memory to quickly degrade beyond recovery.
The top recommendation from the experts is to configure laptops to shut down or hibernate instead of entering sleep mode. Educating workers, especially executives and employees who travel, about cold boot attacks and similar threats is also important.
Microsoft said it's updated its software to stop the attack.More news: Jamie Murray: Serena Williams' sexism claims are 'a bit far-fetched'
- Liverpool a step up for PSG, says Verratti
- Recalled Sane sets City on way to win over Fulham
- Florence pours on the rain amid fears of catastrophic floods
- Dutch 'expelled two Russian spies over Novichok lab plot'
- Hurricane Florence Dumps 'Epic Amounts of Rainfall' On US States
- Government to cut down non-essential imports: Arun Jaitley
- Revere man killed in shark attack at Wellfleet beach
- Ibrahimovic scores 500th career goal
- BMW shows off self-driving motorcycle
- Florence 'unloading epic amounts of rainfall' in North Carolina