I am sure everyone has heard about and watched the YouTube video of the Princeton researchers that conduct cold boot attacks on encrypted hard disks. If you haven’t, I highly suggest you do. As everyone agrees…this is a very significant vulnerability and every organization that uses software to encrypt hard disks should look at ways to mitigate this new risk.
There are a ton of articles already about this new threat so I won’t bore you with the details…however, I have found one posted by Rich over at Securosis.com that sums up the entire issue and what risk this might have for your organization.
One thing I would like to highlight in his article is that you should contact the vendor of the hard disk encryption product you use to see if they plan to address this new vulnerability. It will only be a matter of time until the first tool is out there in the wild and actively exploited on stolen laptops.
You are right – much has been talked about the new threat. Interestingly, most of the media seems to think this is not that serious. I agree with Rich that as soon as publicly available tools appear and we see someone’s real data compromized using this attack, it wont be taken that seriously. I hope it does not take that for vendors to proactively think about solving this – rather than doing an ostrich…