Sleepwalk: a sophisticated way to steal encryption keys www.kaspersky.com/blog/slee…

Information security has multiple layers of complexity. Effective yet technically simple attacks through phishing emails and social engineering are well known about. We also often post about sophisticated targeted attacks that exploit vulnerabilities in enterprise software and services. And among the most sophisticated are attacks that exploit fundamental hardware features. Although such attacks aren’t cheap, the cost doesn’t deter all threat actors. Or at least researchers.

Researchers at two US universities recently published a paper with a fascinating example of an attack on hardware. Using the standard operating system feature for switching between tasks, the researchers developed an attack they named Sleepwalk, which can crack a cutting-edge data encryption algorithm.