A new hack called Hertzbleed can read snippets of data from computer chips remotely and could leave cryptography algorithms vulnerable to attack
16 June 2022
What is Hertzbleed?
Hertzbleed is a new attack that takes advantage of a power-saving feature common to modern computer chips in order to steal sensitive data. It has been demonstrated in the lab and could be used by hackers in the wild.
Most chips use a technique called dynamic frequency scaling, or CPU throttling, to increase or reduce the speed with which they carry out instructions. Ramping the power of the CPU up and down to match demand makes them more efficient.
In the past, hackers have shown that they can read these power signatures and learn things about the data being processed. This can give them a foothold to break into a machine.
The team behind Hertzbleed found that you can actually do something similar remotely by watching carefully to see how quickly a computer completes certain operations, then using that information to determine how it’s currently throttling the CPU. Demonstrating that such attacks can be performed remotely makes the issue much more dangerous, because remote attacks are much easier for hackers to carry out.
What does it mean for you?
Intel declined a request for interview by New Scientist, but admits in a security alert that all of its chips are vulnerable to the attack. The company said that, through such an attack, it “may be possible to infer parts of the information through…