Thunderbolt Connection Flaw Places Millions of PCs Under Hacking Threat

Dutch researcher, Björn Ruytenberg of the Eindhoven University of Technology, demonstrated how hackers will be able to access personal information of millions of PC users using the Intel Thunderbolt port on Sunday, as reported by Wired.

He coined the term Thunderspy for this new security breach method.

According to his research, Thunderspy will target only those PCs that have been manufactured prior to 2019 and have a Thunderbolt port only.

Any hacker who gets brief physical access – even five minutes – to a computer can read and copy your data irrespective of whether it’s encrypted or not. Even top security measures won’t be able to stop this hands-on hacking.

The only tools that the hacker needs? Some time alone with the computer, portable hardware, and a screwdriver.

What makes it worse is that users won’t be able to find any proof of the attack. This is primarily because there is absolutely zero involvement on the user’s part.

Sadly, Ruytenberg has also confirmed that the vulnerabilities discovered in the Thunderbolt connection cannot be fixed in software and instead, a complete hardware redesign would be required.

The researcher has even published a video demonstrating how the attack would be performed.

The video starts by showing Ruytenberg removing the backplate of a password-protected Lenovo ThinkPad laptop, and attaching a small device to the inside. He then disables the security and gets instant access to the computer after restarting it – even after not knowing the password.

It takes him only five minutes to get access to confidential data on a laptop, which ideally he shouldn’t have been able to open.

Interestingly, Apple’s Macs have been offering Thunderbolt connectivity since 2011 as well.

MacOS systems will indeed be vulnerable to attacks, but researchers have said that it will only be “partially affected” by Thunderspy.

Luckily, Ruytenberg also offers safety advice to PC users.

He suggests disabling Thunderbolt ports on the computers in the machine’s BIOS followed by enabling the hard drive encryption. Ruytenberg also urged users to turn off the computer before leaving it unattended.

Furthermore, researchers have predicted vulnerability for USB 4 controllers and peripherals too, and suggest thorough testing for the same once they’re available. 

Photo Credit: Przemyslaw Marczynski

About The Author