Storage devices, such as hard disk drives (HDDs) and solid state drives (SSDs), typically provide some level of security for data stored on the media while the device is at rest (e.g., powered off). Depending on implementation and standard requirements, user and/or administrator passwords may be required to establish security keys to encrypt/decrypt the stored data. When the device powers up, a password may be required to unlock the device.
A problem with these techniques is that the devices (and the data) are susceptible to cable-swap attacks. In this type of attack, the data cable is removed from the device while maintaining power to the device. The device is then connected to the attacker's system, and the attacker is able to access (read and write) all data present on the drive without requiring any password knowledge. Since the device has not lost power during the attack, it remains unlocked and continues to process all reads and writes from the attacking system. One existing approach to handling this problem involves the use of additional encryption layers between the host and the storage device for all data reads and writes. However, this adds cost and complexity, requires additional power and reduces performance. Another existing approach involves the use of a specially designed device side connector that combines data and power. Unfortunately, this technique suffers from a relatively larger form factor and remains vulnerable to an attacker that can disassemble the connector casing to apply an alternate power source to the devices power pins and then proceed with the cable swap attack.
This type of cable swap attack is of growing concern as computer systems are expected to spend increased time in standby/connected-standby modes, and the storage devices associated with these systems remain unlocked during this period. Systems in these modes are susceptible to relatively easy theft, data extraction and data-wipes/replacements, since no password is required.
Although the following Detailed Description will proceed with reference being made to illustrative embodiments, many alternatives, modifications, and variations thereof will be apparent to those skilled in the art.