By exploiting vulnerabilities in the processors, malicious parties can gain access to all data on computers, laptops and servers, such as passwords and other sensitive information. The vulnerabilities in all Intel chips have been made since 2008, making hundreds of millions of devices susceptible, Herbert Bos explains to RTL Z.
The professor of computer security spearheaded the researchers from VU University Amsterdam who discovered the vulnerabilities. “Through the leak, you can leak passwords, but also other sensitive data that you may have on your PC or server.”
How big is the leak?
The vulnerabilities found are very serious, says Bos, because there are so many computers and servers that can be affected by them. Intel chips are by far the most popular among manufacturers of desktops, laptops and servers.
Nearly 1.5 billion PCs and laptops were in use by the end of last year, according to figures from market researcher IDC. The vast majority of them use Intel processors. Over the past four to five years, Intel has had a global market share of 80 to 90 percent.
Smartphones and tablets with Intel chips remain unaffected. The leaks were not found there.
How does the leak work?
Using a smart trick, researchers were able to access all the data that a computer processes, Bos explains. It abuses calculations that a processor in your computer makes speculatively.
“In order to work efficiently, a processor uses data that it thinks you want to use,” says the professor. “The processor does not check whether this data can be given and preloads this data.”
The leak makes all that information available unsecured. “We used a program where we got the hardware, the processor, to do something wrong. That way, we actually got access to all the information that a computer processes.”
No visible traces
It is not clear whether hackers or other malicious parties actually used the leak to loot data, Bos says. This is because exploitation of the leak leaves no visible traces. “We just know that the leak has been there for a long time and it could have been abused all along.”
How dangerous is the leak?
Because the leak leaves no trace, it is attractive for the attackers to abuse, Bos says. You do not really need to break into the computer.
The dangerous thing is that it does not matter what you do as a citizen. “To be affected by this, you do not have to respond to phishing emails or visit unsafe websites. Your software may be completely updated and you may still lose your information.”
Intel has said in an official response that it has fixed the vulnerability of the latest processors they sell.
For other processors, Intel has announced software updates available today. “We encourage everyone to keep their system up to date as this is one of the best ways to stay safe.”
Apple has already released an update to its MacOS operating system that was supposed to close the leak, Bos says. Microsoft is releasing an update for Windows today.
Intel has no control
This is the third time in just over a year that there has been a major leak at Intel. Last year, hackers were also found to be able to access data on computers through the Meltdown and Specter leaks. “It’s an indication that Intel has no control,” Bos says. “Obviously, it’s very difficult for them.”
Melting down affected all PCs, laptops and servers with Intel chips. Specter also made chips from manufacturers ARM and AMD vulnerable. This summer another leak came over: L1TF. “It was less big, but also very serious.”
More dangerous than ransomware and phishing?
Despite the seriousness of the leak, Bos considers it more likely that consumers will be affected by ransomware and phishing: popular ways in which hackers can steal data from ‘regular users’.
“Companies should be more concerned about this leak. A CEO of a company would be a good target for such a more targeted attack,” says Bos.
Even more secure
But in addition to these measures, computer users should also do something, says the professor. “It turns off hyperthreading, a technology that allows processors to perform multiple tasks. That’s not what Intel says, but that’s what we say.”
“Intel says you can turn it off, but you do not have to. But I believe the problem is so complicated that you can not solve it properly without turning it off,” he expresses his and his research colleagues’ opinion. .
Disabling this option is not something the average computer user does easily, so the professor refers to an instruction from the tech site PCMag, where this is explained step by step.
He’s not that bad: it’s not a guarantee that this will work on all computers. Disabling this setting may be difficult for some computers.
Reward: 100,000 euros
The researchers at VU came across the leak by accident. “We even had an error. One of our students was asked to investigate something. Due to an error in his code, he saw all kinds of data that did not belong to him.”
It was September 11 last year. The next day, researchers informed Intel. The chip maker gave the researchers a reward of 100,000 euros.
To show that the leak was also in older processors, the researchers had to look for old computers that also contained the chips. “We tried to buy all the processors we could find through Marktplaats and other providers. For older chips were not easy to find in the stores.”
The researchers had to keep the leak hidden for almost nine months so Intel could fix the problem.