Wednesday, Jan 16, 2019 | Last Update : 12:59 PM IST
Many users might think that a laptop with full disk encryption is secure but putting it in sleep mode can cause permanent harm.
The laptop is the main work horse for professionals who not only save their important files on it but a large amount of precious data and keys are also fed into it. However, the fact that these devices are highly vulnerable to cyber attacks and hacking cannot be ignored. Amongst various ways to harm a laptop, one of the most serious threats to these devices currently is cold boot attack which is possible especially when the laptop is in sleep mode.
Many users might think that a laptop with full disk encryption is secure but putting it in sleep mode and forgetting it can be your biggest mistake. According to a blog posted on F-secure, sleep is basically the most vulnerable state of a laptop. The team also created a video to provide a quick overlook on how this attack can be done.
This attack is not similar to the software or online-oriented attacks but it involves the thief getting physical access to your device. Once acquired, the hacker can fetch all the encryption keys and confidential information which is saved on the RAM. In case a laptop is not properly shut down or put on sleep, the saved data on RAM is possible to be pulled by connecting an external device.
The stealing process is just a few seconds task and all the hacker needs to do is change the firmware settings, overwrite the non-volatile memory and the RAM content gets ready to be slipped. Lastly, the thief gets access to boot your device with the help of an external connecting device.
The only way to avoid this is to make sure that no data is stored on the memory and that can be done either by shutting off the laptop properly or putting it in hibernate mode.
Manufacturers are constantly working on banishing such vulnerabilities off their devices and Apple claims that its current laptops, consisting of T2 chip, are safe from cold boot attacks. Moreover, Microsoft and Intel are other players hustling to churn out products capable of tackling this issue.