New SSD Vulnerabilities Call for Deeper Endpoint Visibility and Control

By: Kim Ellery | 11/16/2018

Solid-state drives (SSDs) have long been great tools because they automatically encrypt the data stored on them: when the drive is disconnected from its host device, the data on it becomes unreadable. Hardware-based encryption also uses fewer system resources than software-based encryption, so these drives seemed a perfect solution for data storage, or so we thought.

Earlier this month, it was reported that researchers from the Netherlands' Radboud University published a paper outlining how the hardware encryption systems built into solid-state drives can be bypassed, allowing intruders access to data assumed to be protected by the device.

The researchers discovered a vulnerability in which a removed drive, or an external drive, can be accessed via the debugger port and the master password overridden. This grants access and allows complete recovery of the data without knowledge of any drive or encryption password.

According to researchers, this flaw impacts the following SSD models: Crucial MX100, MX200, and MX300 in all available form factors; the Samsung 840 EVO and 850 EVO in SATA variants; and the Samsung T3 and T5 USB SSDs.

Steps to Secure Your SSDs

Obviously, if you don't know how many SSDs are connected to your devices, you'll need to start there. The Absolute Platform can help identify devices that have SSDs; determine their encryption status, their user and their location; identify sensitive data that resides on these devices; and, perhaps most importantly, remotely delete this data when needed.




Figure one: building custom reports using filters

Next, Microsoft issued an advisory notice with instructions for checking whether BitLocker is using hardware or software encryption. If it uses hardware encryption, Microsoft recommends switching to software encryption. Samsung also recommended a firmware update. Ensuring that this update (and others like it) is made is something our platform can also help you with. The reporting tool within the Absolute Platform will tell you whether or not updates have been made, and when you can rest assured that yet another vulnerability has been addressed. Absolute can also ensure BitLocker is healthy and compliant on devices via Application Persistence.
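One way to script the hardware-versus-software check described above, as an added example that is not code from Microsoft or Absolute: it parses the text printed by `manage-bde -status` and flags every volume whose Encryption Method reads "Hardware Encryption". The function name `ConvertFrom-ManageBdeStatus` is hypothetical, the sample output is constructed, and English-language output is assumed.

```powershell
# Added example: classify BitLocker volumes from `manage-bde -status` text.
# Assumes English-language output; the function name is hypothetical.
function ConvertFrom-ManageBdeStatus {
    param([string[]]$Line)   # not Mandatory, so blank lines in the output are accepted

    $volumes = @()
    $current = $null
    foreach ($l in $Line) {
        if ($l -match '^Volume\s+(\S+)') {
            # A "Volume X:" header starts a new record.
            if ($current) { $volumes += [pscustomobject]$current }
            $current = [ordered]@{ Volume = $Matches[1]; ConversionStatus = $null; EncryptionMethod = $null }
        } elseif ($current -and $l -match '^\s+Conversion Status:\s+(.+?)\s*$') {
            $current.ConversionStatus = $Matches[1]
        } elseif ($current -and $l -match '^\s+Encryption Method:\s+(.+?)\s*$') {
            $current.EncryptionMethod = $Matches[1]
        }
    }
    if ($current) { $volumes += [pscustomobject]$current }

    foreach ($v in $volumes) {
        # Hardware encryption means the drive firmware, not BitLocker, protects the data.
        $finding = if ($v.EncryptionMethod -like 'Hardware Encryption*') { 'HARDWARE (relies on SSD firmware)' }
                   elseif ($v.EncryptionMethod -in @($null, 'None')) { 'NOT ENCRYPTED' }
                   else { 'software' }
        $v | Add-Member -NotePropertyName Finding -NotePropertyValue $finding -PassThru
    }
}

# Constructed sample output for two volumes (not taken from a real machine).
$sample = @'
Volume C: [OSDisk]
[OS Volume]

    Conversion Status:    Fully Encrypted
    Encryption Method:    Hardware Encryption - 1.3.111.2.1619.0.2
    Protection Status:    Protection On

Volume D: [Data]
[Data Volume]

    Conversion Status:    Fully Encrypted
    Encryption Method:    XTS-AES 128
    Protection Status:    Protection On
'@ -split "\r?\n"

ConvertFrom-ManageBdeStatus -Line $sample | Format-Table -AutoSize
# On an endpoint, from an elevated prompt: ConvertFrom-ManageBdeStatus -Line (manage-bde -status)
```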

Learn more about how Absolute allows organizations to see and secure all devices, data, applications and users on our website.
