Many people still use Windows 7, 8, and 8.1. However, with a plethora of updates from Microsoft asking users to make the switch to Windows 10, at least 50 percent of them have done so. Even so, research says users are still vulnerable to security risks. Here's why.
With the advent of Thunderbolt 3, Intel's new connectivity standard that combines Thunderbolt, USB, DisplayPort, and power, transferring information from one device to another has become easy. Unfortunately, this enhancement has also increased the attack surface of the above operating systems. Let's walk through the details of how the attack surface has broadened in the name of direct memory access (DMA) attacks.
A DMA attack is the exploitation of a computer's ports to access sensitive data. When an external device plugs into a computer, it automatically connects with the DMA. All the OS security policies are bypassed, allowing the connected device to access and directly read or write sensitive data, presenting an opportunity for a DMA attack.
Windows Defender Advanced Threat Protection offers a feature called Kernel DMA Protection that provides input-output memory management unit (IOMMU) protection for computers, allowing only legitimate devices included in a whitelist to connect to specific regions of the memory. The objective of this feature is to prevent DMA attacks via malicious devices, eliminate unauthorized file transfers, and prevent data leakage.
If your organization runs on Windows 10 version 1803 and you are concerned that your computers are on the verge of DMA exploitation, you can protect your organization’s computers by implementing data loss prevention software like Device Control Plus.
Device Control Plus offers a multitude of features that cover every aspect of data loss prevention (DLP) for physical endpoints. Device Control Plus' Zero Trust model prevents the entry of unauthorized and malicious devices into your network by utilizing trusted device lists. Unless a device is included in the list, it will not have the privilege to access your endpoints. Learn more about trusted device lists here. Download a free, 30-day trial of Device Control Plus and try out these features today!