Fast Facts

• Researchers built a $50 device that bypasses memory encryption on leading Intel and AMD processors.
• The attack, dubbed “Battering RAM,” defeats protections designed for cloud data privacy.
• Physical access - even briefly - is required, making insider threats or supply-chain attacks possible.
• Chip makers admit the flaw but won’t fix it, saying it lies outside their threat models.
• Open-source plans for the attack device are already public.

Cracking the Digital Fortress

Imagine a state-of-the-art digital vault - encrypted, sealed, and trusted by banks, hospitals, and governments worldwide. Now imagine someone slipping a $50 gadget between the vault’s walls, rerouting the contents to their own pocket. This is no Hollywood fantasy: it’s the reality revealed by a group of European researchers who have built a “Battering RAM” for the cloud era.

Confidential computing, the crown jewel of cloud security, promises to lock up sensitive data - even from the cloud provider itself - by encrypting everything in memory. For years, Intel’s SGX and AMD’s SEV-SNP technologies have been the gold standard, protecting workloads from rogue insiders and hackers alike. But the Battering RAM attack shows that, with a little physical access and some electrical savvy, these digital locks can be picked.

How the Battering RAM Works

At its core, the attack is deceptively simple. Computers use special memory chips (DRAM) to store everything in action - from passwords to credit card numbers. Cloud providers rely on advanced processors to encrypt this memory, creating a digital moat around sensitive data. But the Battering RAM device, a custom circuit board built with cheap analog switches, can sneak between the processor and memory, invisibly rerouting data without the system noticing.

By flipping a switch, the attacker rewires the memory map on the fly, capturing encrypted secrets and replaying them elsewhere. This allows them to read, alter, or even backdoor virtual machines running in the cloud. The trick is reminiscent of old-school hardware hacking - think of a telephone wiretap, but for the cloud’s brain.

Echoes of Past Attacks - and a Blind Spot Exposed

This isn’t the first time memory encryption has been cracked by clever hardware meddling. The Battering RAM is an evolution of “BadRAM,” a previous exploit that forced chip makers to add new defenses. But where BadRAM relied on static changes detected at boot, Battering RAM works dynamically, evading the latest protections.

While the attack requires physical access - limiting its use to insiders, rogue technicians, or supply-chain saboteurs - its existence exposes a blind spot in the industry’s trust model. Major chip makers, Intel and AMD, have acknowledged the problem but refuse to fix it, arguing that physical attacks are out of scope. Their stance leaves cloud customers to trust, but verify, the chain of custody for their most sensitive machines.

With plans for the attack device available on GitHub, the research community is abuzz, and defenders are rethinking what “confidential” truly means in the cloud. As virtual borders blur, physical security is once again at the heart of digital trust.

WIKICROOK

• Confidential Computing: Confidential Computing keeps data encrypted and secure even while it is being processed, protecting sensitive information from unauthorized access at all times.
• DRAM (Dynamic Random: DRAM is the main memory in computers, temporarily storing active data like files and passwords for quick access by the processor.
• SGX (Software Guard Extensions): SGX (Software Guard Extensions) is Intel’s technology for creating secure, isolated memory enclaves to protect sensitive data from unauthorized access.
• SEV: SEV (Secure Encrypted Virtualization) encrypts each virtual machine’s memory, protecting data from unauthorized access in cloud and virtualized environments.
• Interposer: An interposer is a hardware device placed between two components, like a processor and memory, to intercept, relay, or modify data signals.