Researchers have demonstrated a new class of fault attacks possible due to the poor security design of energy management systems present in most modern computing devices.
Energy management is an important feature of modern computers, particularly in the case of mobile devices, as it helps increase battery life, improve portability and reduce costs. However, since designing such systems is not an easy task, focus has been placed on efficiency and security has often been neglected.
At the recent USENIX Security Symposium, a team of experts from Columbia University presented an attack method they have dubbed “CLKscrew.” They showed how a malicious actor could exploit the lack of security mechanisms in energy management systems to carry out a remote attack and obtain sensitive data.
