ACSC programs and advice are being migrated to cyber.gov.au (see sidebar)

News

ACSC statement on reports of Intel Active Management Technology (AMT) security issue

What is the Intel AMT issue?

The ACSC is aware of reporting that devices with Intel Active Management Technology (AMT) have an insecure default behaviour that could allow an attacker to bypass security controls on the device.

AMT is a management feature of Intel products that enables administrators to remotely manage devices. The feature is found on devices such as laptops, desktops and servers.

Researchers have recently reported that devices featuring AMT are configured with a default AMT password of "admin".

Why is this important?

The default password can be leveraged using a simple procedure by an individual with physical access to an affected device to bypass security controls such as BIOS or Bitlocker passwords and enable remote management. This unauthorised remote management could then be utilised for further malicious activity.

What should I do now?

Users with Intel AMT enabled devices are encouraged to consider:

  • disabling Intel AMT in the device BIOS when it is not required,
  • where possible, replacing the default Intel AMT password with a secure password,
  • ensuring devices are not left unattended in public places.

A security best practices Q&A for Intel AMT can be found at the link below:

https://www.intel.com/content/dam/support/us/en/documents/technologies/Intel_AMT_Security_Best_Practices_QA.pdf

In August 2018 ACSC launched a new website, cyber.gov.au, to reflect its new organisation.

Cyber security programs and advice are being migrated to cyber.gov.au. Information and advice on this site remains current.

Reports help the ACSC to develop a better understanding of the threat environment and will assist other organisations who are also at risk.

Cyber security incident reports are also used in aggregate for developing new defensive policies, procedures, techniques and training measures to help prevent future incidents.

Information for Australian businesses
Information for individual Australian citizens
Information for Federal, State and Local government agencies