A data breach in Intel CPUs has been discovered once again by computer experts at KU Leuven.
The manufacturer was given one year to solve the problem by Jo Van Bulck, Frank Piessens, and their colleagues in Austria, the United States, and Australia.
Plundervolt, Zombieload, and Foreshadow are just a handful of the vulnerabilities that Intel has had to fix in the last several years thanks to the work of KU Leuven’s computer scientists.
“All of Intel’s previous security measures were required, but they proved insufficient to thwart our new attack,” says Jo Van Bulck of the KU Leuven Department of Computer Science.
“In some ways, this strike takes up where our foreshadow attack from last year left off. A particularly hazardous variant of this attack exploited the vulnerability of SGX enclaves, allowing the attacker to access the victim’s passwords, medical information, and other sensitive data.
The same vulnerability is used in Load Value Injection, but in the other direction: data from the attacker is smuggled into a software application that the victim is executing on their computer.
After that, the attacker can take control of the entire application and steal sensitive data like the victim’s fingerprints or passwords.”
On April 4, 2019, the weakness was identified. Despite this, the researchers and Intel decided to keep the information hidden for over a year. When data comes to cybersecurity, responsible disclosure embargoes are common, albeit they generally expire after a short amount of time.
“We wanted to give Intel plenty of time to resolve the issue. In some circumstances, the vulnerability we discovered is highly serious and difficult to address because the problem this time was not limited to hardware: the solution had to consider software as well. As a result, earlier hardware updates that had fixed previous problems were no longer sufficient. This is why we agreed with the manufacturer on an extremely extended embargo period.”
What are SGX enclaves, exactly?
Computer systems are built on several levels, making them extremely complicated. There are millions of lines of computer code in each layer. The danger of mistakes is high because this code is still created by hand. If this happens, the entire computer system becomes exposed to attacks. It’s like a skyscraper: if one of the floors is broken, the entire structure might fall.
Viruses take use of such flaws to get access to sensitive or personal data on the computer, such as holiday photos and passwords, as well as corporate secrets. Intel created an innovative solution in 2015 called Intel Software Guard eXtensions to safeguard its CPUs from such attacks (Intel SGX). This technique generates enclaves, or separate areas in the computer’s memory, where data and applications may be safely utilized.
According to researcher Jo Van Bulck, “if you think of a computer system as a skyscraper, the enclaves constitute a vault.” “Even if the building falls down, the vault should keep its secrets safe, including passwords and medical information.”
The system appeared to be unbreakable until August 2018, when KU Leuven researchers uncovered a flaw. Foreshadow was the name given to their assault. The Plundervolt assault in 2019 exposed another another flaw. Intel has issued patches to address both vulnerabilities.