While measures have been taken to forestall ShadowHammer-like attacks in the future, researchers are still in a fix about how the attack was actually carried out in the first place.
In its statement, the company said its customer service personnel have got in touch with the affected users and are doing all they can to ensure the security risks are completely removed.
Asus Version 3.6.8 announced multiple security confirmation mechanisms to avert malevolent manipulation from software updates or other ways, executed an enhanced end-to-end encryption system, and updated and supported its server-to-end-user software architecture to prevent similar attacks from happening in the future.
Asus also developed an online security diagnostic tool to check for affected systems.
In spite of the changes, researchers like Tim Erlin, vice president, product management and strategy at Tripwire, showed his concern about users who have already been compromised.
Earlin said that those affected need to determine whether they have actually been targeted by attackers, and then they need to evaluate the degree of the compromise.
He said that “this attack leveraged a very extensive platform, the Asus updates, but then tactically targeted a small set of those firstly compromised for further attack.”
He said that the fix from Asus doesn’t help us comprehend who was targeted and why, adding that there’s still insufficient information about how precisely was compromised and that sharing this information would benefit the entire industry.
Mike Jordan, senior director of The Shared Assessments Program, said that organizations can professionally and effectively manage these multi-dimensional threats by working together on a common language and expected practices.
Jordan said that ways to effectively address these risks in our working groups are being seriously discussed, adding that “very soon we will be able to foil such security attacks in the future.”