Security experts are warning of a major computer bug called “Thunderspy” that allows hackers to access protected files through Thunderbolt ports. Thunderspy takes advantage of an issue in the Thunderbolt port used in many modern electronic devices.
In order for the attack to happen, the hacker would need physical access to the device, but gaining access to personal and sensitive information only takes minutes. With the hacker physically having the device, the bug in the Thunderbolt port grants the cybercriminal access regardless if it is locked, encrypted, and password protected.
One of the biggest concerns is that the attack happens stealthily, leaving no trace. The owner of the device does not have to do anything to be hit by the bug. Thunderbolt ports allow quick transfer of files between devices, but to achieve this the ports can access central parts of a device’s architecture, which can grant hackers easy access. The Thunderspy bug allows cybercriminals to break through sophisticated security measures to access your personal and sensitive data.
In order to protect against the bug, researchers have built a special website (also named Thunderspy) that will check your computer’s vulnerability. If vulnerable, the website will also give you advice on mitigating steps to take.
Intel, the maker of the Thunderbolt port, is aware of the bug, and updated operating systems earlier this year to protect against future attacks. Security researchers have also noted that the update has not been made available to all device makers, including Dell, HP and Lenovo.