All your data will be erased in Ten… Nine… Eight…

Mr. Vitaly Kamluk, Kaspersky Lab’s security researcher, enters the stage, goes over a certain number of slides, and then proceeds to do a live demo. He warns the audience about possible consequences: some laptops connected to the local WiFi network that have a certain anti-theft protection software running may be erased. Next goes the countdown from ten to zero and, well, nothing happens. It was a joke. The real demo goes on, showing how a brand new laptop with factory settings and out-of-the-box software can be completely wiped against the will of the owner.

This presentation was part of Kaspersky Lab’s Security Analyst Summit 2014 that took place this February. It covered certain imperfections in the anti-theft system named Absolute Computrace, which is available on a wide range of laptops. A report was published soon after at Securelist that detailed all the technical facts. Here we will just focus on the basics:

  • By design, Absolute Computrace provides anti-theft features. This means that, in the event of the loss or theft of a laptop, its owner can remotely wipe all data. Of course, to be able to do that, one has to properly activate the service and install any necessary software.
  • Our researchers found evidence that on certain laptops, the Computrace software modules were activated without owner consent.
  • The way these software modules communicate with Absolute servers is far from perfect. Such communications (once again, in some cases performed without user authorization) are not encrypted and can potentially be exploited by a cybercriminal, as was demonstrated at the Security Analyst Summit.

Currently there is no evidence that Absolute Computrace is being used as a platform for attacks, but, unfortunately, the potential for this does exist. In a later response, Absolute claimed that some vulnerabilities of their solution were resolved back in 2009. But our researchers’ analysis focused on the more recent version, released in 2012.

Apart from the Windows part of Absolute software, a large number of laptops have Computrace modules embedded in BIOS.

The most important outcome of this story is that you can never be 100% certain that your computer, smartphone or tablet is immune to malicious actions.

There has been a lot of discussion recently about the protection of critical infrastructures – power plants, factories, etc. being complicated, vulnerable and requiring special protection methods (more on the topic here). However, frankly, the laptops of your employees, your web server or cloud infrastructure are highly complex as well, although they are based on common hardware and software. Their operation and stored data are critical for your business. Fortunately, most companies do not have to deal with things like Programmable Logic Controllers, but the need for tools to secure your data, back it up and protect it against cyberattacks is evident.

If you are running a small business, the need for protection is especially important. Even if you use just a few laptops for your operations, each one is still a highly complicated piece of machinery. At the same time, most likely there is no full-time specialist to take care of security. Thankfully, solutions like our Kaspersky Small Office Security offer the above-mentioned (and some additional) features in one easy-to-use package.

Back in the 60s, NASA used ancient, by today’s terms, computers to control a manned mission to the Moon and back. The laptop that I’m using to type this blog post is tens of thousands of times more powerful. Even my solid-state drive has its own processor to store data. This laptop is almost always online, and aside from the standard web, chat and file transfer features, it produces a significant flow of information to keep things running smoothly. Apart from the word processing program, it currently runs 50+ different programs and hundreds of services, which are all designed by people, and some of them are prone to vulnerabilities. So, back to the key topic. You can never be 100% sure that you are protected. By executing some simple measures you can reduce the chances of data loss or a successful attack to zero.

Tips