Because of the poor security design of energy management systems in most modern computing devices, new types of attacks are possible, researchers said.
In most computers and mobile devices, for very obvious reasons, energy management is an important feature.
Energy management makes it possible to boost battery life, which improves mobility and can reduce costs.
As with most things, the original focus was on efficiency, while security became an afterthought.
Along those lines, Adrian Tang, Simha Sethumadhavan and Salvatore Stolfo, a team of researchers from Columbia University, wrote a paper outlining an attack method they called “CLKscrew.”
They showed how an attacker could exploit the lack of security mechanisms in energy management systems to carry out a remote attack and obtain sensitive data.
The researchers conducted their experiments on a Nexus 6 smartphone, which uses the ARMv7 architecture.
While they used one specific phone, they are confident the attack would work against other devices and architectures.
The energy management system analyzed by the researchers is the widely used dynamic voltage and frequency scaling (DVFS).
The attack showed how a remote hacker could use a malicious kernel driver loaded onto the targeted device to exploit security weaknesses in DVFS and breach ARM TrustZone, a hardware-based security technology built into system-on-chips (SoCs).
An attacker can use the method to extract secret crypto keys from TrustZone, and escalate privileges by loading self-signed code into TrustZone.
Researchers said this type of attack is much more efficient than attacks involving physical access to the targeted device because it can be carried out remotely and it bypasses many of the requirements and barriers of a physical attack, such as the need for soldering equipment and the ability to overcome existing physical defenses.
“Despite the ubiquity of energy management mechanisms on commodity systems, security is rarely a consideration in the design of these mechanisms,” the researchers said. “In the absence of known attacks, given the complexity of hardware-software interoperability needs and the pressure of cost and time-to-market concerns, the designers of these mechanisms have not given much attention to the security aspects of these mechanisms; they have been focused on optimizing the functional aspects of energy management. This combination of factors, along with the pervasiveness of these mechanisms, makes energy management mechanisms a potential source of security vulnerabilities and an attractive target for attackers.”
In the future, the researchers said, “to prevent these problems, a coordinated full system response is likely needed, along with accepting the fact that some modest cost increases may be necessary to harden energy management systems.”