The rise of hybrid work and AI-powered applications is exposing a dangerous weakness in many corporate laptops, as cybersecurity experts warn that default encryption settings on millions of devices may no longer be enough to protect sensitive data.
This is even as they claimed that attackers with physical access to a laptop can bypass standard BitLocker encryption protections in less than a minute using inexpensive tools costing as little as $20.
The warning highlights growing concerns over endpoint security as employees increasingly work from cafés, airports, hotels, and other public spaces where laptops are more likely to be lost or stolen.
Read also: The real cybersecurity threat to African digital health isn’t hackers — it’s vendors
Experts explained that modern laptops now contain far more sensitive information than before, including confidential company documents, cached passwords, employee records, customer data, and access credentials for internal corporate systems.
The rapid use of artificial intelligence applications is making the problem worse because more sensitive information is now processed and temporarily stored directly on laptops instead of remaining only in the cloud.
Cybersecurity specialists pointed to a technique known as TPM bus snooping, which allows attackers to intercept communication between a laptop’s Trusted Platform Module (TPM) security chip and the computer processor during startup.
The TPM chip is designed to securely store encryption keys and support technologies like Microsoft BitLocker, which many organizations rely on to protect data on lost or stolen laptops.
However, researchers say the default “TPM-only” BitLocker configuration automatically unlocks encrypted drives during startup once the system believes the device is trusted. Attackers can exploit this process to capture encryption keys and gain access to the device’s contents.
Security experts warned that the attack is becoming easier as tools and public demonstrations spread across the cybersecurity community.
They also stressed that the weakness cannot simply be fixed through software updates because the problem exists in the way hardware components communicate during the startup process.
The development is raising fresh concerns for companies handling sensitive customer and employee information, especially as data protection regulations become stricter around the world.
Industry analysts say organisations may now need to rethink whether standard BitLocker protection alone is sufficient to meet compliance and data protection requirements after a laptop is lost or stolen.
The growing threat is pushing technology companies to focus more on hardware-based security systems that protect devices directly at the chip level.
HP recently introduced a hardware-rooted security approach called TPM Guard, which creates an encrypted communication channel between the TPM chip and the computer processor to block interception attacks.
Read also: Hackers hide malware in images, fake PDFs to evade detection — HP
According to the company, the system also cryptographically binds the TPM chip to the device, preventing attackers from transferring it to another machine to extract encryption keys.
Experts say the shift reflects a broader change in cybersecurity thinking, where hardware security is becoming just as important as software protection.
With hybrid work now a permanent reality for many organizations, analysts warned that laptops must increasingly be able to defend themselves outside traditional office environments.
They noted that physical access attacks are no longer rare incidents but a growing cybersecurity risk that businesses must prepare for as mobile work continues to expand.
