Friday, February 26, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Intel server-grade CPUs impacted by new NetCAT attack

September 11, 2019
in Internet Security
Intel server-grade CPUs impacted by new NetCAT attack
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Image: David Latorre Romero

Academics from the Vrije University in Amsterdam have detailed today a new attack on Intel CPUs.

Named NetCAT, this is a vulnerability in all Intel chips that support the Data-Direct I/O Technology (Intel DDIO) and Remote Direct Memory Access (RDMA) features.

You might also like

Why your diversity and inclusion efforts should include neurodiverse workers

Attorney-General urged to produce facts on US law enforcement access to COVIDSafe

This chart shows the connections between cybercrime groups

When these two features are enabled, academics have shown that they can launch an attack on remote, networked computers, and infer certain types of data that is being processed inside the CPU’s cache.

The attack watches for small variations in the time the CPU needs to process data, and then, based on these variations, guesses what data may have been processed.

This type of attack is called a side-channel attack, and usually requires two conditions: (1) attacker with physical access to a computer, or (2) malware installed on the computer.

However, members of the Vrije University’s Systems and Network Security Group (VUSec), have shown that the Intel DDIO and RDMA features facilitate a side-channel attack via network packets sent to a computer’s network card.

Intel DDIO feature at fault

At fault is the Intel DDIO feature. This is a CPU speed optimization feature that was specifically designed for Intel’s line of server-grade processors.

DDIO works by allowing peripherals, like the network card, direct access to write data inside the CPU cache, instead of RAM, as peripherals normally do.

The feature was developed for data centers and cloud computing platforms, where servers run on high-speed network connections, and where the RAM isn’t always enough to process all the incoming data.

DDIO helps offload the vasts amount of data a network card might be receiving or sending by writing it to the CPU cache, where more information can be stored and processed at far superior speeds than in the RAM.

The feature is a must-have for server-grade computers and the reason why Intel has enabled DDIO by default for all Intel server-grade processors since 2012 — such as the Intel Xeon E5, E7, and SP families.

The NetCAT attack

But in new reserch published today, VUSec academics have shown that sending carefully crafted network packets to a DDIO-capable CPU allows an attacker to keep an eye on what else is being processed in the CPU.

Attackers can’t use the NetCAT attack to steal just any kind of data from a remote CPU, but only data that arrives as network packets and lands directly in the DDIO shared cache.

While this sounds useless, the VUSec team have shown how NetCAT can accurately infer keystrokes entered in an SSH session taking place on the attacked machine.

“In an interactive SSH session, every time you press a key, network packets are being directly transmitted,” VUSec researchers said. “As a result, every time a victim you type a character inside an encrypted SSH session on your console, NetCAT can leak the timing of the event by leaking the arrival time of the corresponding network packet.”

“Now, humans have distinct typing patterns. For example, typing ‘s’ right after ‘a’ is faster than typing ‘g’ after ‘s’. As a result, NetCAT can operate statical analysis of the inter-arrival timings of packets in what is known as a keystroke timing attack to leak what you type in your private SSH session,” they added.

A NetCAT attack can work even if only the Intel DDIO feature is enabled; however, if the RDMA feature is also turned on, the attack becomes even more efficient.

*Remote Direct Memory Access, or RDMA, allows a computer to access another computer’s memory without interacting with either computer’s operating system data buffers. Therefore, networking speed and throughput are increased.

Patches not available

The VUSec team notified Intel of the NetCAT attack back in June, and Intel released mitigation advice today.

“Intel received notice of this research and determined it to be low severity (CVSS score of 2.6) primarily due to complexity, user interaction, and the uncommon level of access that would be required in scenarios where DDIO and RDMA are typically used,” an Intel spokesperson told ZDNet.

“In the complex scenarios where Intel DDIO and RDMA are typically used, such as massively parallel computing clusters, malicious actors typically don’t have direct access from untrusted networks.”

Intel’s recommendations include disabling the DDIO and RDMA features on affected CPUs, or limiting direct access to vulnerable systems from external, untrusted networks.

“Additional mitigations include the use of software modules resistant to timing attacks, using constant-time style code,” Intel added.

However, VUSec researchers dispute that using side channel-resistant (constant-time) software would help. Instead, they recommend disabling at least RDMA on affected CPUs, since this reduces the attack’s efficiency.

The NetCAT attack and vulnerability are tracked as CVE-2019-11184.

Credit: Zdnet

Previous Post

Prof. Chongchong Qi, A/Prof Qiusong Chen and other collaborators announce the idea of "Machine-learning aided design for cemented paste backfill"

Next Post

Why Workers Quit Their Jobs

Related Posts

Why your diversity and inclusion efforts should include neurodiverse workers
Internet Security

Why your diversity and inclusion efforts should include neurodiverse workers

February 26, 2021
Attorney-General urged to produce facts on US law enforcement access to COVIDSafe
Internet Security

Attorney-General urged to produce facts on US law enforcement access to COVIDSafe

February 26, 2021
This chart shows the connections between cybercrime groups
Internet Security

This chart shows the connections between cybercrime groups

February 26, 2021
Spy agency: Artificial intelligence is already a vital part of our missions
Internet Security

Spy agency: Artificial intelligence is already a vital part of our missions

February 26, 2021
Chinese cyberspies targeted Tibetans with a malicious Firefox add-on
Internet Security

Chinese cyberspies targeted Tibetans with a malicious Firefox add-on

February 26, 2021
Next Post
Why Workers Quit Their Jobs

Why Workers Quit Their Jobs

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

AI and machine learning to help global battle with cancer
Machine Learning

AI and machine learning to help global battle with cancer

February 26, 2021
Why your diversity and inclusion efforts should include neurodiverse workers
Internet Security

Why your diversity and inclusion efforts should include neurodiverse workers

February 26, 2021
North Korean Hackers Targeting Defense Firms with ThreatNeedle Malware
Internet Privacy

North Korean Hackers Targeting Defense Firms with ThreatNeedle Malware

February 26, 2021
The Beginner Guide for Creating a Multi-Vendor eCommerce Website
Data Science

The Beginner Guide for Creating a Multi-Vendor eCommerce Website

February 26, 2021
How Artificial Intelligence, Machine Learning will further advance Ed-tech sector?
Machine Learning

How Artificial Intelligence, Machine Learning will further advance Ed-tech sector?

February 26, 2021
Attorney-General urged to produce facts on US law enforcement access to COVIDSafe
Internet Security

Attorney-General urged to produce facts on US law enforcement access to COVIDSafe

February 26, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • AI and machine learning to help global battle with cancer February 26, 2021
  • Why your diversity and inclusion efforts should include neurodiverse workers February 26, 2021
  • North Korean Hackers Targeting Defense Firms with ThreatNeedle Malware February 26, 2021
  • The Beginner Guide for Creating a Multi-Vendor eCommerce Website February 26, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates