New 'Phlashing' Attack Sabotages Hardware

Slashdot writes about a new type of denial-of-service attack that damages a system so severely that it must be replaced or the hardware must be reinstalled.

Called 'Phlashing', this permanent denial-of-service (PDOS) attack can be launched remotely.

“We aren't seeing the PDOS attack as a way to mask another attack, such as malware insertion, but [as] a logical and highly destructive extension of the DDOS criminal extortion tactics seen in use today,” says Rich Smith, head of research for offensive technologies & threats at HP Systems Security Lab.

Smith will show how network-enabled systems firmware is vulnerable to remote PDOS attacks this week at the EUSecWest security conference in London this week.

See related article in darkREADING.