Intel AMT Threat

Intel AMT Threat

Intel AMT Threat

No Comments on Intel AMT Threat

Last week we wrote about the Spectre and Meltdown vulnerabilities in the Intel, AMD and Atom processors, and this week we bring you an equally serious threat that allows attackers to breach a laptop computer within seconds.

Intel Active Management Technology is a hardware-based solution in Intel vPro based systems. The technology help system administrators access a machine when power is off, there’s no operating system or management tools are missing or in case of an equipment failure.

The attack is implemented by activating the firmware, which is connected to the system BIOS, and allows you to perform operations such as accessing local storage, a web browser, obtaining an IP address and network access, accessing peripheral data storage devices. Your windows password and hard drive encryption do not matter.

The key issue is that the firmware, a small secondary processor built into the Northbridge chipset, is always accessible and shares the same default password as every machine containing the chip.

Even if Intel or PC manufacturers had selected the computers MAC address, serial number or service tag it would be more secure than sharing the same default password as every vPro supporting PC on the planet.

This threat is mostly affecting corporations and institutions, but affects anyone with a PC that has the vPro technology.

A compromised machine can be used to access network resources or monitor network traffic, each which puts servers at risk for data theft, hacking, malware attacks and infections. For this reason it’s vital that businesses address the vulnerability as quickly as possible.

Our recommendation as a modest solution until Intel offers a more permanent fix is changing the password to something unique, and never use the same password on more than one device.

This threat requires physical access to the machine, so we recommend limiting or logging physical access to unattended machines, and physically locking up any laptops containing sensitive data when they’re not in use or consider alternative storage solutions for increased data security.

About the author:

Justin Soenke is a trend-based serial entrepreneur and thought leader in the areas of cyber-security, web design, SEO, social media, eCommerce and managed IT. Justin has overseen the creation and success of over a dozen companies in the technology, security and media sectors, and is the contributing source for his SB Design Blog, SB Tech Blog and SB SEO Blog among regular contributions to many outside blogs and websites, all for our clients.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow & like us :)

Subscribe to Emails

Our Address

Mailing Address
Phase 3 Enterprises, Inc.
PO Box 369
Santa Barbara, CA 93116

Call Us Today!

Contact our team of professionals — your single point of service for all your IT, Web design and SEO needs.

Phone Support Hours
Mon - Fri: 8am to 5pm
tel 805.964.3235
fax 805.715.8107