Rowhammer, a New Cloud-based Attack, Means Huge IT Nightmare

By Steve Anderson
Contributing Writer

Information technology (IT) professionals likely don't get much sleep these days. When a problem emerges, these pros work to counter said attack, but find that the counter developed only works for so long until a whole new problem arises. The latest new attack to disturb the slumber of IT professionals is known as Rowhammer, an exploit that's delivering great value for attackers by going after cryptographic keys in cloud environments.

If you heard ominous music or thunder on that last sentence, you're not alone. The Rowhammer exploit allows its users to flip the individual bits used in computer memory, allowing one machine to actually steal the private cryptographic keys contained in a separate machine, as long as the pair are in the same cloud-based environment. Rowhammer wasn't always such a nightmare, of course; in the early days, it was considered “somewhat clumsy and unpredictable,” though even in those days it had a potential to be disastrous.

Reports suggested that the big problem with Rowhammer was controlling how the bit flips occurred, though if that control problem were ever brought to heel, it could be a disaster, allowing users to not only give themselves inflated access privileges, but also completely break through sandbox systems used as a security measure. The problem is that, now, that control problem seems to be a problem no longer, and Rowhammer can do a whole lot more than it ever could before.

The refined Rowhammer is being used as part of an attack known as “Flip Feng Shui,” after the practice of arranging objects in a room according to a kind of mystical energy flow. Flip Feng Shui attacks allow a user to effectively reorganize physical memory in a fashion that allows the Rowhammer attack to be more effective, and opens up access to cryptographic keys and other such material. Some note that the practice doesn't allow the key to be taken, but rather allows a new key to be created in memory instead, which could be considered similar in nature.

It could safely be said that this is just a demonstration of one of the oldest principles around: what one (insert expert class of choice here) can do, another can undo. Protection against today's hacks and exploits is great for today, but today turns into tomorrow with shocking speed and regularity. It's being ready for tomorrow's hacks and exploits that's the big challenge, and Rowhammer and Flip Feng Shui are just two of the big challenges right now. Ongoing, continual vigilance is the price of computer safety, and this latest pair of attacks just drives that point home.

The more prepared we are to face these attacks, the better off we'll all be. There's no place for complacency when it comes to computers, and the elevation of a formerly clumsy attack to a major new threat proves that point better than just about anything.