Intel Thunderbolt Vulnerability Details Explained
Intel is exploring ways to make its Thunderbolt technology more secure, according to a prepared statement. The news comes after a report from the Eindhoven University of Technology (TU/e) provided insights into potential new cyberattack vectors that hackers may exploit to attack Thunderbolt hosts and devices.
TU/e researchers indicated that cybercriminals may use custom peripheral devices to launch physical attacks against Thunderbolt operating systems. In addition, they stated that Thunderbolt operating systems that lack kernel direct memory access (DMA) protection may be susceptible to these attacks.
Intel is encouraging end-users to check with their system manufacturer to ensure that past Thunderbolt mitigations have been integrated into their systems. It also recommends using only trusted peripherals in combination with Thunderbolt systems, preventing unauthorized physical access to these systems and following other cybersecurity best practices.
A Closer Look at DMA Protection on Thunderbolt Systems
Intel last year identified a DMA vulnerability that affected Thunderbolt, USB and other peripheral devices. The vulnerability enabled cybercriminals to use malicious peripheral devices to access system data and change the behaviors on systems with Thunderbolt or USB interfaces.
Previously, Intel implemented DMA protection to mitigate attacks on Thunderbolt systems running (Windows 10 1803 RS4 and later), Linux (kernel 5.x and later) and MacOS (MacOS 10.12.4 and later). TU/e researchers found that cybercriminals are unable to launch successful DMA attacks against systems with these mitigations enabled.
Thunderbolt allows end-users to connect multiple displays or devices via a single port or enjoy high-performance graphics on thin and light laptops, according to Intel. The technology also works in combination with the Intel Core processor family to improve PC performance.