Are Graphics Processing Units Vulnerable To Hacker Attacks?

December 4, 2018

Written by wukovits

Bad news for computer users everywhere.  Researchers at the University of California in Riverside have discovered that GPUs (Graphics Processing Units) are vulnerable to side-channel attacks like Spectre and Meltdown, which have been plaguing Intel CPU’s for the better part of a year.

The team, (consisting of two computer science professors and two PhD students) reverse-engineered an Nvidia GPU and demonstrated three separate side-channel attacks. The attacks targeted both computational and graphics stacks, believing these to be the first ever side-channel attacks designed to work on GPUs.

All three of the newly discovered attacks exploit the user counter in the GPU, which is used for performance tracking and are available in user mode. This is significant because it means that literally anyone has access to them.  All three also require the victim to download a piece of malware designed to spy on the user’s system to provide information back to the hacker executing the attack.

The first of the three attacks tracks a user’s internet activity and is made possible because GPUs are used to render graphics in web browsers.  The attack is executed when a poisoned app utilizes OpenGL to infer browser behavior as it utilizes the resources of the GPU.

The second attack allows the hacker to glean password information, because GPU resources are used to render the login box on the user’s screen.  By monitoring memory allocations in the chip, a hacker can identify the specific keys pressed when entering a password.

The third attack targets computational applications and is designed to target neural network architecture.  Its main purpose is to sniff out and steal neural network algorithms.

In terms of defending against these attacks, there’s good news and bad news.  Turning off user mode access to the counters is a viable defense, but unfortunately, many applications rely on that functionality. Turning it off will cause a number of programs (that you probably need) to stop working.  Ultimately then, GPU manufacturers are going to need to engineer a fix in much the same way that Intel did for their impacted CPUs.

No instances of these types of attacks have been seen in the wild to this point, but now that the word is out, it’s just a matter of time.  2019 stands to be a brutal year until and unless a fix is found and pushed out.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

New Graphene Technology May Increase Hard Drive Storage

HDDs are old, well understood technology. They haven't changed much in recent years. In fact, increasingly, people are writing them off, preferring SSDs for their greater speed and smaller size, even though HDDs are less expensive. The clever folks at the University...

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Send us a message

Your message was sent.