Most computers today contain security measures to remove data stored in memory to prevent hackers from stealing sensitive information. Researchers at F-Secure have found ways to turn off security measures and use the cold boot to extract data.
“It’s not exactly easy to do, but it’s not a hard enough issue to find and exploit for us to ignore the probability that some attackers have already figured this out. It’s not exactly the kind of thing that attackers looking for easy targets will use. But it is the kind of thing that attackers looking for bigger phish, like a bank or large enterprise, will know how to use,” said F-Secure Principal Security Consultant Olle Segerdahl, one of the researchers.
Compared to the classic cold start attack, the new method requires extra steps, but it can effectively attack all modern computers tested by researchers.
There are currently no patches to fix new vulnerabilities. The researchers suggested adjusting the settings to let the computer automatically shut down or hibernate after turning off the screen instead of going into sleep mode.