A new hack called Hertzbleed could make it easier than ever to read snippets of data from computer chips remotely and potentially even leave cryptography algorithms vulnerable to attack. What’s the deal with this new computer chip hack? Let’s take a closer look at Hertzbleed and see how it works...
What Is a Side Channel Attack
Side channel attacks refer to a class of vulnerabilities that exist when adversaries exploit unprotected information from an external source. This generally happens by breaking into systems and then observing what’s happening in or around them, or by figuring out ways to make computers leak data on their own (for example, via power consumption or heat). One famous example is Spectre, which was revealed last year and affects chips from Intel, AMD, ARM, and others. These security flaws have generated a lot of attention in recent months as they require hardware makers to rework how their chips work in order to protect against breaches. Some chips are being redesigned while others are receiving software updates that can patch flaws without requiring an entirely new chip design.
How Does an Attacker Use Side Channels Against Encryption
When data is encrypted, it’s put through an algorithm to scramble it into a format that looks like random noise. For example, when encrypting credit card information with encryption software such as HTTPS, data is run through three separate algorithms before it’s safe to send. The first two convert from one format to another (e.g., raw bits of ones and zeros into plain text). The third combines all of these previous algorithms using what’s called a chaining mode, which essentially creates a secret key or password used to decrypt each part.
The latest attack works by taking advantage of flaws in a feature called side channels. Side channels are unintentional information leaks about what’s happening in a computer chip—information that could be used to access, or spy on, data processed by a chip. Side channels also allow hackers to track and monitor your every move online. But now researchers have developed an algorithm that can use side channel attacks to read snippets of data from computer chips remotely, including those with advanced encryption capabilities like RSA, ECC and ElGamal encryption.
Who’s at Risk From This Attack?
It’s likely that most people won’t need to worry about Hertzbleed. The attack requires a radio transmitter and receiver to be within 60 feet of a targeted computer, which is within range of WiFi and Bluetooth signals. All in all, it’s an advanced form of hacking that probably won’t have an effect on everyday Internet users or enterprises. Of course, if you work with sensitive information or are a public figure, you should consider updating your software as soon as possible to minimize your risk.
You can minimize your risk from Hertzbleed by installing patches and updates as soon as they become available. You should also enable two-factor authentication for your sensitive accounts and try to keep your computer software up to date. Given that Hertzbleed is hard to replicate, there’s a good chance you won’t see hackers or cybercriminals exploiting it any time soon, but you should still be wary of spear phishing attacks that could trick you into installing malicious programs on your computer. If an email link looks too good to be true, trust your instincts—the information might not be safe.
How Can I Protect Myself From HertzBleed Attacks
HertzBleed is a new computer chip hack that could expose sensitive data. The flaw in affected chips from Intel, AMD, and ARM allows attackers to extract information from computers via electromagnetic radiation (EMR). It can do so with a range of about eight inches. The problem also affects Intel's Software Guard Extensions (SGX) and Linux Kernel Virtual Machine (KVM), so if you’re using them you’ll need to ensure they’re up-to-date. In addition, Ubuntu and Debian have released patches to address the issue. So far there are no known attacks exploiting HertzBleed, but security experts urge users to update their systems just in case.
If you’re concerned about your exposure to EMR or worried about how to protect yourself from HertzBleed attacks, it might be time for a new router. Routers with built-in encryption help protect your network against hackers by encrypting all traffic between your devices and your ISP. This makes it harder for hackers to intercept or steal data as it travels over Wi-Fi networks. If you're looking for ways to stay safe online, look into getting an encrypted router like our pick for best wireless router—the TP-Link Archer C9 AC1900—which has WPA2 encryption built right in.
Stay Safe Online With DDoS Protection
Distributed denial-of-service (DDoS) attacks occur when a website or service is deliberately targeted by a flood of incoming traffic. While online, users are unwittingly sending information to a computer controlled by an attacker. DDoS attacks are generally used for malicious purposes and can shut down websites, rendering them inaccessible for legitimate users. Luckily, you can prevent DDoS attacks through careful planning and preparation, as well as with cloud security products designed to counter DDoS traffic. These tools include network intrusion detection systems that monitor all network activity and then alert you to any suspicious behavior; they also include network protection services that filter out threats before they reach your servers.
The best way to protect yourself against DDoS attacks is through a layered approach. This means that you'll have multiple tools in place to catch and block traffic from malicious sources, including firewalls that screen all incoming requests for threats; intrusion detection systems that constantly monitor network activity for suspicious or malicious activity; and network protection services designed to filter out unwanted traffic. You can also spread your resources across several cloud providers, so if one platform is under attack, you can quickly move your data to another provider. It's important to have a plan of action in place before you're faced with an attack—the last thing you want is for your business (or even your online presence) to be forced offline by an event outside of your control.
Why Are Computers Hacked and What Can We Do About It?
Computers can be hacked in order to steal information and other data. Once a hacker gets into your computer they can see what you are doing and then use your personal information against you. The internet is littered with stories of people getting their identities stolen or credit card numbers used to buy things online. It is a scary reality of today’s technological world that we have to live with for now. There are several ways you can protect yourself from hackers, such as using secure internet connections or passwords, encrypting files, backing up data frequently and using anti-virus software on your computer.
0 Comments