Laptop Data Protection
December 17, 2008

Agenda
• Scope of the problem
• Data encryption toolkit
• Laptop threats discussion
Page 2 | microsoft.com/technet/SolutionAccelerators

[Slide collage of news headlines: “Mental Health Clinic Loses Laptop Bearing Patient Data”; “Laptop Stolen With 22,000 Patients' Data”; “Hospital Chain Loses Patient Records”; “Stolen government laptop held patient data of 2,500 taking part in a medical study”; “Stolen Laptop Contains Unsecured Data on 365,000 Patients”; “Up to 3,000 patients' data stolen: the details of up to 3,000 NHS patients could have been on a computer stolen from a doctors' surgery”; “NHS laptop with 5,123 patient records stolen”; “Laptop went missing last month”.]

“Workers will average nearly 40% of their time away from the desk – a factor that will massively play into mobilizing millions of corporate inboxes this year.”
Strategy Analytics, “Mobile Business Application Outlook”, January 2006

“In 2006 we estimate the number of mobile professionals (defined as spending at least 20% of their time away…) will grow to roughly two thirds of workers.”
Strategy Analytics, “Mobile Business Application Outlook”, January 2006

“The worldwide mobile worker population is set to increase to 878.2 million in 2009, accounting for 27.3% of the workforce.”
Strategy Analytics, “Mobile Business Application Outlook”, January 2006
Microsoft Vision: “When a customer loses a laptop, they only lose a laptop.”

And so... the Laptop Data Protection Solution Accelerator was born. The goal of the guide is to help customers secure the data on their mobile (and desktop) computers.
http://technet.microsoft.com/en-us/library/cc500474.aspx
Trustworthy Computing:
“The security of our customers' computers and networks is a top priority, and we are committed to building software and services to better help protect our customers and the industry.”
Microsoft
The threats discussed in this presentation are not secrets. Our customers' adversaries are aware of these attack vectors. Our customers need this information too, so that they may make informed decisions about the level of data protection that they need.

Online attacks
With BitLocker, data is protected when the system is shut down (protecting against offline attacks). When the system is started, the keys are loaded and available in memory. The same applies if the system is in sleep mode (S3 standby).
Goal: get the keys from memory.

Online attacks: Warm Ghosting
• Attacker boots the system
• Attacker warm reboots into an OS which avoids destruction of the RAM image
• Attacker then can access ghost secrets in memory

Cold Ghosting / Iceman attack
• Physical memory cells may retain charge long enough to be copied
• Battery-backed DIMMs make it easy!
• Recent research made headlines but nothing “really” new… http://citp.princeton.edu.nyud.net/pub/coldboot.pdf

Online attacks: Direct memory access via physical interfaces
• PCI bus: exploit with PC Card & DMA (David Hulton, ShmooCon 2006)
• Firewire / IEEE 1394 (allows physical access to host memory)
• Firewire Attack (Adam Boileau, RuxCon 2006): full memory dump via the Firewire interface, leading to dump analysis to find the BitLocker keys

[Diagram: attacker machine running Linux connected over Firewire to the target running Vista, online]

Threats against the TCB
The Core Root of Trust for Measurement (CRTM) is intended to be the “immutable” portion of the BIOS.
Attacking the CRTM:
• Execute chosen code in the CRTM
• Control / prevent measurements
• Physically remove it
• Attack the existing CRTM (e.g. buffer overrun)
• Attack the secure update mechanism to inject unauthorized code into the CRTM
Premeditated Attacks
Attacker hobbles BitLocker protection prior to laptop loss or theft. There are many advance strikes. BitLocker does not protect against boot rootkits that are BitLocker-aware.
BitLocker: Key Protection mechanisms

Advanced modes
[Chart: key protectors plotted by ease of use (vertical axis) against security (horizontal axis). Modes shown: TPM Only (“What it is.”), TPM + PIN (“What you know.”), Dongle Only (“What you have.”), TPM + USB Dongle (“Two what I have's.”) and TPM + PIN + Dongle (“Two what I have's, one I know.”; Vista SP1 and Server 2008 only). Each mode's box lists what it protects against and what it is vulnerable to; the attack classes compared are SW-only attacks, HW attacks, many HW attacks, all HW attacks, pre-OS attacks, TPM breaking attacks and losing the dongle. TPM Only protects against SW-only attacks and is vulnerable to HW attacks.]

Vista SP1\2008 Mitigations:
• Use BitLocker advanced modes with hibernation (group policy for hibernate)
• Ensure BIOS meets BitLocker standards
• Disable 1394 and PCI host controllers
  http://blogs.msdn.com/si_team/archive/2008/02/25/protecting-bitLocker-from-cold-attacks-and-other-threats.aspx
• Require smartcards for logon or use strong passwords
• Use EFS + smartcard to protect user data; after “x” bad tries, the smart card is locked FOREVER

Defence in depth:
• EFS: mitigates offline attacks except against the user account; prevents online attacks (on encrypted files); threats switch to the user's password
• BitLocker with advanced modes: prevents offline attacks (replace passwords, read hashes); threats switch to user logons
• Ideal: BitLocker (+USB+PIN) + EFS with smart card. An attacker with the notebook + smart card still needs the PIN; after “x” bad tries, the smart card is locked FOREVER
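An added audit script (not from the deck or the Solution Accelerator) that maps a volume's configured BitLocker protectors onto the advanced modes compared above and lists any 1394 host controllers still present, the two things an administrator would check before trusting the mitigations listed. It assumes the BitLocker and PnpDevice PowerShell modules (Windows 8.1 / Server 2012 R2 or later, which postdate the Vista-era deck) and an elevated session.

```powershell
# Added audit script (not from the deck): classify a BitLocker volume's key
# protectors against the modes the slide compares, and list any 1394 host
# controllers still present. Assumes the BitLocker and PnpDevice modules
# (Windows 8.1 / Server 2012 R2 or later) and an elevated session.
Import-Module BitLocker -ErrorAction Stop

function Get-BitLockerModeAssessment {
    param([string]$MountPoint = $env:SystemDrive)

    $vol   = Get-BitLockerVolume -MountPoint $MountPoint -ErrorAction Stop
    $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

    # Map protector types to the deck's modes, strongest first.
    $mode = switch ($true) {
        ($types -contains 'TpmPinStartupKey') { 'TPM + PIN + Dongle'; break }
        ($types -contains 'TpmStartupKey')    { 'TPM + USB Dongle';   break }
        ($types -contains 'TpmPin')           { 'TPM + PIN';          break }
        ($types -contains 'Tpm')              { 'TPM Only';           break }
        ($types -contains 'ExternalKey')      { 'Dongle Only';        break }
        default                               { 'None' }
    }

    # Deck guidance: TPM Only resists software-only attacks but not hardware
    # attacks on a running or sleeping system (cold boot, 1394 DMA).
    $advanced = $mode -in @('TPM + PIN', 'TPM + USB Dongle', 'TPM + PIN + Dongle')

    [pscustomobject]@{
        MountPoint       = $vol.MountPoint
        ProtectionStatus = $vol.ProtectionStatus
        Protectors       = ($types -join ', ')
        Mode             = $mode
        AdvancedMode     = $advanced
        HasRecoveryKey   = ($types -contains 'RecoveryPassword')
    }
}

function Get-FirewireControllerStatus {
    # Deck mitigation: disable 1394 host controllers, which give DMA access
    # to host memory. '1394' is the Windows device setup class for them.
    Get-PnpDevice -Class '1394' -ErrorAction SilentlyContinue |
        Select-Object FriendlyName, Status, Present
}

Get-BitLockerModeAssessment | Format-List
Get-FirewireControllerStatus | Format-Table -AutoSize
```

A volume reporting Mode = TPM Only with AdvancedMode = False, or any 1394 controller with Status = OK, is exactly the configuration the mitigations slide tells you to change.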
Pre-Vista SP1\2008: SYSKEY in mode 2 or 3 (can be used on XP\2000 etc.)
• Key stored in your head (mode 2)
• Key stored on a floppy (mode 3)
• Protects password hashes with 128-bit symmetric encryption
• Either mode prevents “Nordahl” boot-disk attacks
• Also prevents the DS Restore mode style attacks

Threat – Attacks on Passwords
Password guessing: any service that exposes authentication protocols is at risk of password guessing attacks (NetBIOS, SMB, RDP, IIS, FTP etc.).
Threats against Passwords
Online attacks: dumping password hashes from LSASS while the operating system is running
• Pwdump*.exe, L0phtCrack 5, GSecDump
• http://truesecurity.se/blogs/murray/default.aspx
• Must have admin access for this to work

Man in the Middle Attacks: sniffing shared-secret authentication exchanges based on a user's password between client and server (LM, NTLMv2, Kerberos)
• Tools available for LM/NTLM and Kerberos v5: ScoopLM, BeatLM, Kerbcrack, LC5
Mitigations
• Make your hashes immune to reversing in any reasonable amount of time
• Use 10 (or 15) character or stronger complex passwords
  • Or better yet, pass-phrases! NT-based operating systems support 128-character pass-phrases
  • Use two-factor authentication
• Change them every 90 days or less
• Minimum time before a password can be changed: 1 day
• Number of previous passwords remembered: at least 24
• Run with least privilege
• Shut down un-needed services (Server service, FTP service etc.)
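An added audit script (not from the deck) that checks a domain's default password policy against the numbers on this mitigation list and shows whether the Server and FTP services the list says to shut down are running. It assumes the RSAT ActiveDirectory module on a domain-joined machine; LanmanServer (the Server service) and FTPSVC (IIS FTP) are the service names assumed here.

```powershell
# Added audit script (not from the deck): check the domain's default password
# policy against the slide's numbers, and show whether the Server (SMB) and
# IIS FTP services the slide says to shut down are running. Assumes the RSAT
# ActiveDirectory module on a domain-joined machine; LanmanServer and FTPSVC
# are the service names assumed here.
Import-Module ActiveDirectory -ErrorAction Stop

function Test-DeckPasswordPolicy {
    param(
        [int]$MinLength    = 10,  # slide: 10 (or 15) character passwords
        [int]$MaxAgeDays   = 90,  # slide: change every 90 days or less
        [int]$MinAgeDays   = 1,   # slide: minimum age 1 day
        [int]$HistoryCount = 24   # slide: at least 24 remembered
    )
    $p = Get-ADDefaultDomainPasswordPolicy -ErrorAction Stop

    # MaxPasswordAge is a TimeSpan; a zero span means passwords never expire.
    $maxAge = $p.MaxPasswordAge.TotalDays
    $minAge = $p.MinPasswordAge.TotalDays

    $checks = [ordered]@{
        'Minimum length'     = @{ Actual = $p.MinPasswordLength;    Pass = $p.MinPasswordLength -ge $MinLength }
        'Complexity enabled' = @{ Actual = $p.ComplexityEnabled;    Pass = [bool]$p.ComplexityEnabled }
        'Maximum age (days)' = @{ Actual = $maxAge;                 Pass = ($maxAge -gt 0 -and $maxAge -le $MaxAgeDays) }
        'Minimum age (days)' = @{ Actual = $minAge;                 Pass = $minAge -ge $MinAgeDays }
        'History count'      = @{ Actual = $p.PasswordHistoryCount; Pass = $p.PasswordHistoryCount -ge $HistoryCount }
    }
    foreach ($name in $checks.Keys) {
        [pscustomobject]@{ Check = $name; Actual = $checks[$name].Actual; Pass = $checks[$name].Pass }
    }
}

function Get-DeckServiceExposure {
    # Slide: shut down un-needed services (Server service, FTP service etc.).
    # Service names are assumptions, not taken from the deck.
    Get-Service -Name LanmanServer, FTPSVC -ErrorAction SilentlyContinue |
        Select-Object Name, DisplayName, Status, StartType
}

Test-DeckPasswordPolicy | Format-Table -AutoSize
Get-DeckServiceExposure | Format-Table -AutoSize
```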