RSA security attack demo deep-fries Apple Mac components



Network World - San Francisco --  How bad can cyberattacks get? How about burning the internal components of a machine, whether PC or Mac, to a crisp so there's no thought of it being recoverable? That's what security vendor CrowdStrike showed could be done to an Apple Mac OS X today at the RSA Conference.

 

"We can actually set the machine on fire," said Dmitri Alperovitch, chief technology officer at CrowdStrike, who joined with the security firm's CEO George Kurtz to show exactly how this kind of attack can be carried out on an Apple OS X computer. Alperovitch added the demo done at the Moscone Center would be controlled to raise the temperature level of the targeted Mac to permanently damage the electronics, not ignite it, since this after all was a public venue at the Moscone Center where fires would not be countenanced.

 

The cyberattack demonstration "frying the machine" was done by targeting the machine's APC embedded controller through a fake firmware update devised by CrowdStrike that spiked the CPU and turned off the fans.

 

The point, said Alperovitch, is this is a type of cyberattack that enterprises really can expect to see happen in the future, an attack that is not recoverable in terms of data or the machine itself.

 

"This is the next-generation permanent destruction," warns Kurtz. It involves attacking hardware itself -- and far more than just a Mac OS X can be manipulated this way -- and this is "what we believe will happen in the real world." In contrast, most other types of cyber-attack currently can be regarded as "recoverable" in the sense that even though damage is done, there is usually a way to restore systems or retrieve data.

 

But now, "we are entering a new age of targeted destruction attacks," Kurtz concluded.

 

http://usanews.co/rsa-security-attack-demo-deep-fries-apple-mac-components-network-world/


Run Prime and Speedfan at 0%, same result on a Windows Machine. Both applications come from sites not on any blacklist filtering.


> Run Prime and Speedfan at 0%, same result on a Windows Machine. Both applications come from sites not on any blacklist filtering.

I think that the safeguards that reset or turn off a system are bypassed with this method, unlike with those apps.


> The cyberattack demonstration "frying the machine" was done by targeting the machine's APC embedded controller through a fake firmware update devised by CrowdStrike that spiked the CPU and turned off the fans.

> Run Prime and Speedfan at 0%, same result on a Windows Machine. Both applications come from sites not on any blacklist filtering.

Neither of those are available on the majority of Windows machines, even if you picked one specific model line. Whereas this controller is a piece of hardware that is available on every machine in that model range. Not comparable at all.

That said, I'm sure there is a similar attack that could be done on ANY piece of hardware, whether it's running Mac, Windows, Linux....


> Run Prime and Speedfan at 0%, same result on a Windows Machine. Both applications come from sites not on any blacklist filtering.

Depends. Most CPUs are able to withstand up to 130C. However, Windows will usually bluescreen and shut down once your CPU hits 100C.

Sure sucks to be the victim of this kind of attack, however, and sorry for my ignorance here, how is frying the CPU considered unrecoverable data loss?

Even if the CPU is set on fire, you probably would be able to extinguish the fire before your HDD is damaged, wouldn't you?

 


> Sure sucks to be the victim of this kind of attack, however, and sorry for my ignorance here, how is frying the CPU considered unrecoverable data loss?
>
> Even if the CPU is set on fire, you probably would be able to extinguish the fire before your HDD is damaged, wouldn't you?

 

Presumably it's a proof of concept. If they can play around at that low of a level, they could most likely mess with other system components.


> you probably would be able to extinguish the fire before your HDD is damaged, wouldn't you?

 

Depends if you are around when the attack happens. Plus, a lot of times when one component goes it can send a surge to other components and fry them. Why I keep 2 backups of my data. One at my place, and another at a family member's.


This topic is now closed to further replies.