San Francisco -- How bad can cyberattacks get? How about burning the internal components of a machine, whether PC or Mac, to a crisp so there's no thought of it being recoverable? That's what security vendor CrowdStrike showed could be done to an Apple Mac OS X today at the RSA Conference.
“We can actually set the machine on fire,” said Dmitri Alperovitch, chief technology officer at CrowdStrike, who joined with the security firm’s CEO George Kurtz to show exactly how this kind of attack can be carried out on an Apple OS X computer. Alperovitch added the demo done at the Moscone Center would be controlled to raise the temperature level of the targeted Mac to permanently damage the electronics, not ignite it, since this after all was a public venue at the Moscone Center where fires would not be countenanced.
The cyberattack demonstration “frying the machine” was done by targeting the machine’s APC embedded controller through a fake firmware update devised by CrowdStrike that spiked the CPU and turned off the fans.
The point, said Alperovitch, is this is a type of cyberattack that enterprises really can expect to see happen in the future, an attack that is not recoverable in terms of data or the machine itself.
“This is the next-generation permanent destruction,” warns Kurtz. It involves attacking hardware itself — and far more than just a Mac OS X can be manipulated this way — and this is “what we believe will happen in the real world.” In contrast, most other types of cyber-attack currently can be regarded as “recoverable” in the sense that even though damage is done, there is usually a way to restore systems or retrieve data.
But now, “we are entering a new age of targeted destruction attacks,” Kurtz concluded.
Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: firstname.lastname@example.org