Why direct-memory attacks on laptops just won’t go away
A dizzying array of organizations can be involved in the production of a laptop. One body puts out the specifications for the firmware, another vendor writes it and sells it to the manufacturer, and then another company makes sure it works with the device’s operating system.
While there are exceptions — Apple controls more of these processes in producing Macs — the overall complexity of the laptop industry’s supply chain makes security harder. One vendor builds protections into a laptop, but if another firm doesn’t configure them properly, the chance that the machine is vulnerable to hacking grows considerably.
New research from hardware security company Eclypsium shows why this challenge is so enduring. Eclypsium’s team of former white-hat hackers at Intel Corp. found two vulnerabilities in memory features of modern, “enterprise-class” HP and Dell laptops that could allow a skilled hacker to take control of the kernel, the computer’s core functionality, to execute malicious commands. The access enabled by the attack — executing code before the computer is even booted up — is insidious.
“[P]re-boot processes are an area of weakness across all laptops and servers from many manufacturers,” Oregon-based Eclypsium said in a report on its findings.
The researchers (who had physical access to the laptops they attacked) abused a computing capability known as “Direct Memory Access” that is built into modern laptops. DMA allows the machine to speed up its handling of data: Instead of having to route every transfer through the central processing unit, a peripheral such as a network or storage controller can read from and write to the laptop’s main memory directly. But that efficiency can bring risk. With more components of the laptop able to reach sensitive, in-memory data, the attacker has more potential openings.
Adoption of built-in protections to block these attacks is slowly growing, but not fast enough in the researchers’ eyes.
They hope their findings will bring more urgency to the issue.
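On Linux, one visible form of the built-in protections mentioned above is the kernel’s IOMMU, which remaps and restricts the memory a DMA-capable device can reach, together with a per-port flag that reports whether Thunderbolt devices are covered by that IOMMU. The following POSIX shell script is an added example, not code from the article or from Eclypsium; it assumes the standard sysfs locations (/sys/kernel/iommu_groups and /sys/bus/thunderbolt/devices/domainN/iommu_dma_protection), and the optional root-path argument exists only so the functions can be pointed at a test tree instead of the live system.

```shell
#!/bin/sh
# Added example (not from the CyberScoop article or Eclypsium's report).
# Reports whether the running Linux kernel has an active IOMMU and how many
# Thunderbolt domains advertise IOMMU-based DMA protection. The optional
# argument is a sysfs root (default /sys) so the checks can be exercised
# against a constructed directory tree.

# Exit status 0 when at least one IOMMU group exists, i.e. the kernel is
# actively remapping device DMA; 1 otherwise.
iommu_active() {
    root="${1:-/sys}"
    for g in "$root"/kernel/iommu_groups/*; do
        # An unmatched glob stays literal, so -e is false when there are no groups.
        [ -e "$g" ] && return 0
    done
    return 1
}

# Prints the number of Thunderbolt domains whose iommu_dma_protection file
# reads "1" (the kernel reports DMA from attached devices as IOMMU-protected).
thunderbolt_protected_domains() {
    root="${1:-/sys}"
    n=0
    for f in "$root"/bus/thunderbolt/devices/domain*/iommu_dma_protection; do
        [ -f "$f" ] || continue
        if [ "$(cat "$f")" = "1" ]; then
            n=$((n + 1))
        fi
    done
    echo "$n"
}

# Human-readable summary for an administrator; always returns 0 so the
# script can be sourced without aborting a caller that uses set -e.
dma_protection_report() {
    root="${1:-/sys}"
    if iommu_active "$root"; then
        echo "IOMMU: active (device DMA is remapped and restricted)"
    else
        echo "IOMMU: NOT active (a DMA-capable device may reach any physical memory)"
    fi
    echo "Thunderbolt domains with IOMMU DMA protection: $(thunderbolt_protected_domains "$root")"
    return 0
}

# When run directly, inspect the live system.
dma_protection_report
```

Run it as an unprivileged user on the machine being assessed; an inactive IOMMU on a laptop with externally reachable PCIe or Thunderbolt ports is the condition the article describes, and the fix is a firmware setting (VT-d or the AMD equivalent) plus a kernel that enables it, not anything this script can change.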
“A lot of times the actual adoption and correct uses of these features in the hardware …lags significantly behind when the feature is introduced in the marketplace,” Eclypsium researcher Jesse Michael told CyberScoop.
The simpler version of the attack saw the researchers plug their own gear into a common hardware port on a laptop and inject their code. For the hack of the HP laptop, Eclypsium’s team physically opened up the case of the laptop and accessed the internal hardware, which would be harder for an adversary to pull off in practice because of the attention it might draw.
But not all DMA attacks require physical access. At the Black Hat hacking conference last year, researchers Ben Blaxill and Joel Sandin showed how DMA implants could be controlled wirelessly to allow an attacker persistent access to a machine.
“There’s some interesting things you can do if you actually have the resources to weaponize this into a full attack instead of just a proof-of-concept,” Michael said.
A traveling dignitary or corporate executive might leave their laptop unattended in a foreign hotel room. A DMA attack could give a spy persistent access to the laptop with the target none the wiser.
A feature, not a bug?
DMA attacks are not new. In 2017, security researcher Ulf Frisk showed how a custom-built hardware device could conduct DMA attacks to, for example, remove password requirements on a laptop.
As researchers have investigated the issue, they’ve found a mismatch between the high expectations for modern hardware security and the inherent trust that DMA grants in a computer.
When DMA and some methods for implementing it were designed, “the hardware threat model was very different from today,” said Joe FitzPatrick, an instructor and researcher at training site SecuringHardware.com.
The computing interface known as PCIe, which most personal computers use to transfer DMA data, was established in 2003. Back then, FitzPatrick said, there was an assumption on the part of vendors that other devices within the hardware system were inherently trustworthy.
Mickey Shkatov, a researcher on the Eclypsium team, said that the enduring effectiveness of DMA attacks can feel discouraging to security researchers who have highlighted the issues for years. He then struck a more optimistic tone. “HP, Dell [and other hardware vendors] they do respond, they do fix these” security issues if researchers flag them.
While HP and Dell released security mitigations in response to the Eclypsium research, more white-hat hacking will likely be needed to prod the industry along.
“It’s going in the right direction, but it’s just taking longer than we had hoped,” Michael said of the industry’s response to DMA attacks.