Has Recall been totalled? Last month, Microsoft announced the postponement of the controversial “Recall” feature, an AI tool intended to give users searchable access to six months of their own activity. The feature has been dogged by claims of it being intrusive as well as a gift to threat actors.
The rise of AI-powered features and the use of massive amounts of user data are set to transform the field of cyber security. Whilst it is unclear if Recall will ever be released, the mere concept sparks an interesting exploration into the potential shifts in threat tactics, forensic methodologies, and the impacts on data extraction. Recall would be a game-changer in the cyber security landscape.
Changing Windows forensics
For better or for worse, the Recall feature would completely change the process of forensics during an incident.
The searchable format of Recall expedites the process, as it eliminates the need for parsing or processing the evidence, and its screen-capturing ability can retain considerable digital evidence that is often lost through actions like browser history clearing or file deletion. The comprehensive indexed database this tool provides supports higher confidence in forensic findings by allowing investigators to verify their results visually. However, blind spots will remain for the investigating team. Firstly, not all applications will be compatible with Recall: for example, Microsoft Edge InPrivate mode is excluded but Chrome’s Incognito mode is not. Secondly, activities hidden by threat actors from the screen or by user settings will not be visible to forensic examination.
One significant limitation of Recall is its lack of an audit log, rendering users or threat actors accessing Recall's data untraceable. This raises a critical question in data access and exfiltration investigations: if a threat actor accessed the device, should we consider the entire Recall database as potentially accessed?
Assuming a scenario where there was possible access to the Recall database, we must consider that all data viewed by the user over the last six months may have been accessed and could thus be considered exfiltrated. This incorporates a wide array of user activities beyond documents, which is challenging to categorise given its volume and diversity. Determining which of this data is sensitive or falls under regulatory control is an arduous task, particularly with six months' worth of accumulated data. It calls for a deep understanding of applicable regulatory frameworks to discern between the different sources and segments.
Finally, should a threat actor exfiltrate the database and delete it from the device, the situation becomes particularly challenging, as the user would be unable to recall precisely what they had viewed over the past half-year.
Changing threat actor tactics
Following the unveiling of the Recall feature and the revelation that its data would be stored in a plaintext database, security researchers swiftly released a tool named TotalRecall. This tool can locate, duplicate, and translate the plaintext database into a format that is instantaneously searchable. Given that attackers often employ a 'living-off-the-land' strategy, they will likely add Recall to their tools and exploit its insights where possible. Microsoft, responding to these developments and the decision to postpone the release of Recall, announced the implementation of just-in-time encryption on the database. This encryption could potentially provide sufficient protection against such tools; however, this has yet to be confirmed by security researchers.
Alongside encrypting the database, Microsoft also introduced the requirement for users to re-authenticate through Microsoft Hello before accessing the Recall software. However, if security researchers or attackers discover methods to bypass this additional level of security, it could potentially lead to unauthorised access to sensitive data.
The snapshots captured by Recall are automatically analysed by the Azure AI tool on the user’s device, with the extracted text stored in the Recall database located in the user's AppData folder. This AI tool processes data locally on the device, ensuring that, according to Microsoft's specifications, sensitive data won't be shared with a cloud version. However, there have been documented instances of AI prompts being manipulated to bypass security measures in contemporary AI installations. This suggests that providing unrestricted access to a device and its usage history could potentially be exploited by attackers utilising the same AI prompts.
Lastly, the risk of extortion is escalated by Recall. Threat actors may threaten to publish a user's snapshots and computer usage data, creating a powerful incentive to pay ransoms. The publication of one's Recall database could dramatically impact a person's professional and personal life, and possibly their safety, a level of personal threat hitherto unseen.
Security advice
Microsoft has responded to the criticism from the security industry by disabling Recall as a default setting on devices. Security advice concerning this yet-to-be-released tool is predicated on the available details about its settings, capabilities, and the already published hacking tools exploiting it. Based on this information, key security suggestions include:
- Configuration control: On enabling Recall, users should be meticulous in configuring its settings, stipulating which apps and websites shouldn't be captured. Keep in mind that not all apps and browsers are fully compatible with Recall's privacy settings.
- Retention reduction: It's not yet clear whether Microsoft allows an option to reduce the retention duration of the Recall database. However, if possible, consider using this feature to limit the amount of data stored at any given time.
- Use of anti-malware tools: To mitigate risks, use a robust anti-malware or endpoint detection solution which, ideally, would alert on infostealer malware attempting to access Recall data. Researchers have noted that several techniques evade detection by Microsoft Defender.
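
An added example (not from the original article or from Microsoft) of the alerting that the anti-malware bullet and the missing audit log call for: it triages file-access records shaped like Windows Security event 4663 for reads or deletes of the Recall store by unexpected processes or other accounts. It assumes object-access auditing is enabled on the store directory; the directory name, the allowed process image and the sample events are placeholders constructed for illustration.

```python
import re
from ntpath import normcase  # Windows path rules; importable on any OS

# Assumption: placeholder directory. The page only says the database is in AppData.
RECALL_DIR = r"AppData\Local\RECALL_DATA_DIR_PLACEHOLDER"
# Assumption: hypothetical image name for the one process expected to touch the store.
ALLOWED = {normcase(r"C:\Windows\System32\recall_host_placeholder.exe")}
READ_DATA, DELETE = 0x1, 0x10000  # access-mask bits reported in event 4663

# The profile folder name stands in for the data owner (a heuristic).
# The trailing (\\|$) stops look-alike sibling directories from matching.
STORE = re.compile(r"^[a-z]:\\users\\(?P<owner>[^\\]+)\\"
                   + re.escape(normcase(RECALL_DIR)) + r"(\\|$)")

def triage(events):
    """Return findings for reads/deletes of the store by unexpected actors."""
    findings = []
    for ev in events:
        m = STORE.match(normcase(ev["ObjectName"]))
        mask = int(ev["AccessMask"], 16)
        if not m or not mask & (READ_DATA | DELETE):
            continue  # not the store, or not a read/delete access
        reasons = []
        if normcase(ev["ProcessName"]) not in ALLOWED:
            reasons.append("unexpected-process")
        if ev["SubjectUserName"].lower() != m["owner"]:
            reasons.append("cross-user")
        if reasons:
            access = "delete" if mask & DELETE else "read"
            findings.append((ev["TimeCreated"], ev["ProcessName"], access, reasons))
    return findings

def event(t, user, mask, proc, obj):
    return {"TimeCreated": t, "SubjectUserName": user, "AccessMask": mask,
            "ProcessName": proc, "ObjectName": obj}

# Constructed sample events; field names follow Security event 4663.
BASE = r"C:\Users\alice\AppData\Local\RECALL_DATA_DIR_PLACEHOLDER"
HOST = r"C:\Windows\System32\recall_host_placeholder.exe"
DROP = r"C:\Users\alice\AppData\Local\Temp\upd.exe"
SAMPLE = [
    event("2024-07-01T09:00:00Z", "alice", "0x1", HOST, BASE + r"\store.db"),
    event("2024-07-01T09:05:00Z", "alice", "0x1", DROP, BASE + r"\store.db"),
    event("2024-07-01T09:06:00Z", "svc_backup", "0x10000",
          r"C:\Windows\System32\cmd.exe", BASE + r"\store.db"),
    event("2024-07-01T09:07:00Z", "alice", "0x1", DROP, BASE + r"_old\store.db"),
]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

Because Recall itself records no access history, findings like these are also the only evidence an investigator would have when scoping whether the database was read or removed.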
The media predicts the release will stir up chaos and generate uncertainty in the cyber landscape. But without a doubt, a feature such as Recall would inject a large degree of complexity into the mix.