According to Björn Ruytenberg Thunderspy targets devices with a Thunderbolt port. If your computer has such a port, an attacker who gets brief physical access to it can read and copy all your data, even if your drive is encrypted and your computer is locked or set to sleep.
Thunderspy is stealth, meaning that you cannot find any traces of the attack. It does not require your involvement, i.e., there is no phishing link or malicious piece of hardware that the attacker tricks you into using. Thunderspy works even if you follow best security practices by locking or suspending your computer when leaving briefly, and if your system administrator has set up the device with Secure Boot, strong BIOS and operating system account passwords, and enabled full disk encryption. All the attacker needs is 5 minutes alone with the computer, a screwdriver, and some easily portable hardware.
“What’s a user need to do?
…Users of computers that remain unprotected against this esoteric attack can then use their BIOS to disable Thunderbolt altogether. Users should also ensure full disk encryption is enabled and turn computers off, as opposed to putting them to sleep, when leaving a PC unattended”
By DAN GOODIN
For more information about Thunderspy can be found in the source below.