"Memory-Based Cyberattacks Become More Complex, Difficult To Detect"

Malicious actors increasingly use memories as entry points for cyberattacks, thus igniting concerns about system-level security since memories are nearly found everywhere in electronics, and breaches are hard to detect. Hackers continue targeting almost every consumer, industrial, and commercial segment. In addition, there has been an increase in the number of devices connected to the Internet, providing more opportunities for attackers to strike. According to a Splunk survey, 54 percent of enterprises experienced at least monthly system/network outages caused by cyberattacks. Reports have also revealed that memory safety issues account for about 70 percent of the vulnerabilities in Microsoft products. In a remote attack, malware enters the network or systems, including memories. Generally, hackers look for design flaws and system/memory flaws. In almost any system, bad actors may attempt to attack the memory. It could be something as simple as installing a new operating system on an attacker-owned device, or it could have serious consequences in the case of computers handling financial, infrastructure, military, or transportation functions. Attackers are interested in all types of memory. Memory attacks are broadly classified into two types, with the first involving attacks on storage devices used to boot or load a machine's operating system or software. Physical access to the machine is, but not always, required to mount an effective attack on the storage. However, an already compromised machine may further corrupt the storage, so the machine remains permanently compromised until it is completely erased and restarted. Encryption can help in the security of these storage devices. The second type of memory attack involves Random Access Memory (RAM) devices, which are used to store temporary data. These devices are more likely to be attacked directly through the machine, including via Internet-connected attacks. Physical RAM attacks are also possible. This article continues to discuss the growing complexity of memory-based cyberattacks and the difficulty in detecting them. 

SemiEng reports "Memory-Based Cyberattacks Become More Complex, Difficult To Detect"