BitLocker
Explore how BitLocker secures Windows systems by encrypting the entire disk. Understand the risks of physical access attacks such as the Sticky Keys exploit and how full disk encryption safeguards against unauthorized data access and system control.
We'll cover the following...
Introduction
BitLocker is Microsoft’s full disk encryption (FDE) solution. It encrypts the entire file system transparently to the user and the applications. This is a defense against attackers with physical access, but since the file system is decrypted automatically once the system boots up, this doesn’t provide any defense against malware or attackers with access to the machine via stolen creds or that are exploiting vulnerable software running on the box.
Without an FDE solution in place, an attacker with physical access can just pull the hard drive out of the victim’s computer, copy it to an external drive, and take the external drive away for investigation. While an attacker has the hard drive removed from the computer, they can also attach it to a computer owned by the attacker, copy malware onto the victim’s hard drive, then put the hard drive back in the victim’s computer. Additionally, ...