New NetSpectre-Class Attack Raises Device-Hardening Concern
Four scientists at the university have published findings on a new type of Spectre attack in a paper entitled NetSpectre: Read Arbitrary Memory over Network. The paper details a new CPU attack that can be carried out via network connections and does not require the attacker to host code on a targeted machine, a significant development for Spectre-class attacks.
“By manipulating the branch prediction, Spectre tricks a target process into performing a sequence of memory accesses which leak secrets from chosen virtual memory locations to the attacker. This completely breaks confidentiality and renders virtually all security mechanisms on an affected system ineffective,” the researchers wrote.
While Dod said the research is concerning from a device-hardening perspective, “The need for leak and transmit gadgets to be present on the victim’s computer makes it a less valuable approach. Today, threat actors have access to much easier tools to compromise victims – they won’t need to deal with the complexity and uncertainty of a network-based Spectre attack," said Mounir Hahad, head of threat research at Juniper Networks.
Some commentators agree that the industry could be moving too far into the weeds with the attacks as the likelihood of exploitation is so low. Brajesh Goyal, vice president of engineering at Cavirin, said, “The need for leak and transmit gadgets to be present on the victim’s computer also makes it a less valuable approach. Today, threat actors have access to much easier tools to compromise victims – they won’t need to deal with the complexity and uncertainty of a network-based Spectre attack."
Source: Information Security Magazine