HP has announced a hardware solution focused on stopping physical attacks on the TPM bus. It is called HP TPM Guard, and it has been presented in the first business laptop to incorporate it, with the aim of preventing physical access attacks that circumvent BitLocker drive encryption.
Companies have long used BitLocker to protect the sensitive data their employees work with on their computers if the computers are lost or stolen, but vulnerabilities discovered in recent years can allow an attacker with physical access to a device to bypass BitLocker protection and extract information.
These attacks use a technique known as a TPM bus attack, in which the attacker intercepts the communication between the system's certified Trusted Platform Module (TPM) and the CPU. They can be carried out in less than a minute, and they require only about 20 dollars of hardware and some simple guidelines.
HP TPM Guard protects against this threat by introducing an encrypted link between the TPM and the CPU, preventing eavesdropping attacks and system scanning. The TPM is cryptographically linked to the device, allowing it to be rendered useless if it is removed or tampered with.
In this way, the aforementioned security gap is closed without adding further complications for IT teams. In view of its effectiveness, HP has already submitted a proposal to the Trusted Computing Group to provide TPM Guard technology as an industry standard.
Ian Pratt, Vice President of Security and Technical Director, Business Systems, HP Personal Systems, has mentioned that «Computers now store large amounts of sensitive information, and new multimedia AI applications are overloading teams’ workloads and pushing them to the limit. While BitLocker was once relied upon to protect data, today an attacker with just a couple of hours of training and a $20 hardware kit can bypass that protection.»
Regarding HP’s solution and its purpose, Pratt has also highlighted that they have «developed a hardware and firmware solution, in close collaboration with our chip manufacturing partners, that prevents all these types of threats, offering the strongest protection that customers have been requesting. This solves a problem that affects the entire sector and will be strategic for all companies, especially those in regulated sectors, public administration and other organizations that manage highly sensitive information on their computers and need to take all precautions to protect their data.»
New features in HP Wolf Security
HP has also strengthened security on its business PCs with the integration of new HP Wolf Security features, focused on increasing the synergy between Workforce Experience Platform (WXP), HP Wolf Security and the enterprise architecture.
Among these features are the integration of Wolf Controller and WXP to reduce risks and operational difficulties, a Wolf Connect mobile/SIM card that allows for more accuracy with less power consumption, greater compatibility with the Sure Recover platform at a lower cost, and centralized collection of security logs in Wolf Controller.
