A research team has found an exploit that allows hackers to decrypt and view encrypted files on a number of well-known SSD drives.
- Samsung T5 Portable
- Samsung T3 Portable
- Samsung 850 EVO
- Samsung 840 EVO
- Crucial MX 300
- Crucial MX 200
- Crucial MX 100
According to the research team:
“We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. In reality, we found that many hardware implementations have critical security weaknesses, for many models allowing for complete recovery of the data without knowledge of any secret.”
The team disclosed their findings to both Crucial and Samsung to give both of the companies an opportunity to prepare firmware updates and get them out to their clients.
Crucial has responded swiftly, offering firmware updates to all three of the impacted drives. Samsung’s response has been a bit more sluggish. To date, they’ve released firmware updates for the T3 and T5 models. Apparently though, the company has no plans to update their EVO drives, having issued a statement encouraging EVO users to opt for software encryption instead.
Unfortunately, there’s another fly in the ointment. Windows’ BitLocker software encryption will default to hard drive encryption if it finds it supported on a given drive. This means that BitLocker cannot be counted on as a viable software encryption solution. The same flaws that allow hackers access to the drives mentioned above will also allow them to circumvent BitLocker.
The bottom line is simply this: If you’re relying on your SSD drive to secure your data, it may not be offering you as much protection as you had hoped, especially if you’re currently using a Samsung EVO drive.