Rowhammer refers to a data theft technique that has captivated and worried the cybersecurity community for years because of the fact that it combines physical and digital hacking in ways that are both unaccounted for and fascinating. Since its initial discovery, researchers have constantly refined the attack, and even expanded the range of targets it works against. Researchers have significantly increased the scope of the potential threat to include vital devices like and routers and servers—even when they comprise of components that were precisely assumed to be immune.
Rowhammer attacks are known to be a brutal data hack technique. They deal with strategically implementing a program over and over on a “row” of transistors in a computer’s memory chip. The aim here is to “hammer” that row until some electricity gets leaked into the adjacent row. This leakage can cause a bit in the target row to “flip” from one position to another, somewhat modifying the data stored in memory. An accomplished Rowhammer attacker will then be able to start exploiting these minute data changes in order to gain more system access.
Second Remote Rowhammer Exploit
Researchers at the Vrije Universiteit Amsterdam and the University of Cyprus recently discovered that sending malicious packets over LAN can activate the Rowhammer attack on systems running Ethernet network cards equipped with Remote Direct Memory Access (RDMA), which is generally used in data centers and clouds.
Since RDMA-enabled network cards permit computers in a network to exchange data (with both read and write access) in the main memory, misusing it to access host’s memory in rapid succession can activate bit flips on Dynamic random-access memory (DRAM). No software patch can completely fix the issue since Rowhammer exploits a computer hardware weakness. According to researchers, the Rowhammer threat is not just real but also has the potential to bring about real, severe damage.
Researchers have now discovered a second remote Rowhammer attack. Dubbed Throwhammer, this newly discovered technique is capable of allowing attackers to launch Rowhammer attack on the targeted systems by just sending specially crafted packets to the vulnerable network cards over the local area network. In other words, Throwhammer exploited Rowhammer through RDMA channels.
A successful Throwhammer attack will need an extremely high-speed network of at least 10Gbps because triggering a bit flip requires hundreds of thousands of memory accesses to particular DRAM locations within tens of milliseconds
Website Data Hack Prevention
The best way to prevent a data hack situation is to think like a hacker. If you were a hacker, what sort of data would you be looking for? What are the methods you would use to try to get it? There are several different types of databases and many different ways to hack data, but most hackers will either try to run a known database exploit or crack the database root password. If understand database basics and if you are comfortable with SQL statements, you can hack data.
Given below are key reasons for website hacking accompanied with measures on how to prevent them:
- Keep software updated
An outdated software may not be equipped with specific patches that could make it vulnerable to the hacks. Make sure that your web server software, plugins, CMS, and other crucial software related to the website are all set for automatic updates. If that option is not available, make it to manually update the software.
- Using common passwords
Compromised account details is a serious concern that could result in an easy way to hack websites. The most common mistake here is to set a password that is simple and weak or that which is too easy to crack by trying variations of passwords. Thus, it is essential to develop a password that is hard to crack and also refrain from using the same password for different websites. Additionally, make use of security tools like two-factor authentication.
- Improperly managed data
Website data is referred to as “leaked” when it is improperly uploaded or mishandled. It is possible for data leaks to result in hacking. Make sure that employees have access only to the required data and also make use of URL removal tool to ensure Google does not index sensitive URLs in search results.
- Check for your WordPress themes and plugins
You have to ensure that the WordPress themes and the plugins of the website are patched. Outdated plugins, themes, and WordPress version are the most common way and easiest way through which hackers gain access to your site. Your system can still be vulnerable due to deactivated themes and plugins. Make sure you delete the themes or plugins that are additional and not used any more for the website. Don’t disable these plugins or themes, rather, remove their files entirely from your server. Furthermore, when using free available versions of paid plugins and themes make sure to carefully check them before integrating them as these free versions are easy to be infected with malicious code.
- Security policy loopholes
Specific security policies like easily giving away access to the admin, permitting users to develop weak passwords, and not enabling HTTPS on your website, can lead to negative consequences. Always implement a firm security policy in order to safeguard the website. You will also have to properly manage the user access and privileges, accurately analyze the logs, and use encrypted data.
- Web phishing
Hackers mostly use fraudulent emails and web pages just to mislead the user to gain confidential data. Often, phishing attacks make one believe that they are dealing with a genuine webmaster. These attacks trick the user in order to steal passwords and other such confidential data. Thus, it is vital that a user refrains from sharing personal details with someone they are not familiar with.