IT security is constantly under threat, and there is an ongoing race between malware developers – seeking new, more sophisticated ways of hacking data – and the anti-malware community, which is on a mission to stop them
A new threat has been detected by Berlin-based security researcher Patrick Stewin. Stewin realised the vulnerability of computer graphics and network cards, which have independent execution environments but with direct memory access (DMA) to the host runtime memory. Such graphics and network cards can harbour malware and launch an attack on the host using DMA.
To demonstrate this as part of his research, Stewin launched DAGGER, a keylogger which attacks Linux and Windows platforms.
Stewin said: “DMA-based attacks launched from peripherals are capable of compromising the host without exploiting vulnerabilities present in the operating system running on the host. Therefore they present a highly critical threat to system security and integrity. Unfortunately, to date no OS (operating system) implements security mechanisms that can detect DMA-based attacks. Furthermore, attacks against memory management units have been demonstrated in the past and therefore cannot be considered trustworthy.”
The German government is currently funding research to find a method of reliably detecting malware that takes advantage of this vulnerability.
This latest news shows the importance of holding ISO 27001, which demonstrates a company takes seriously any threat of security to its data. Having ISO 27001 cannot guarantee a business won’t be hacked but it does show that all possible measure are in place to prevent it from happening.