fbpx
 
Home / News, Videos & Publications / News / Homeland & Cyber Security /

Using Computer Noise to Steal Data

Using Computer Noise to Steal Data

August 18, 2016

Homeland & Cyber Security

Science Alert — Researchers from BGU’s Cyber Security Research Center (CSRC) have demonstrated yet another new vulnerability in computers. Hackers can steal sensitive data that is encoded in the noise of computer hard drives.

The attack, called DiskFiltration, is the latest technique to show that even PCs that are completely disconnected from the internet and any local networks — known as air-gapped computers — aren’t necessarily safe from hackers.

mordechai-guri

Mordechai Guri

“An air-gap isolation is considered to be a hermetic security measure that can prevent data leakage,” says CSRC researcher Mordechai Guri.

“Confidential data, personal information, financial records, and other types of sensitive information are stored within isolated networks. We show that despite the degree of isolation, the data can be exfiltrated.”

Once a computer is infected with DiskFiltration, the data stolen by the malware is encoded and then relayed — simply via the noises the computer’s hard drive generates — to an intercepting device in the immediate vicinity.

“Digital information can be modulated over the acoustic signal and then be picked up by a nearby receiver (e.g. smartphone, smartwatch, laptop, etc.),” the research team explains in a recent paper.

The data transmission is glacially slow at just 180 bits per minute, but small things like passwords and cryptographic keys could be transmitted in short order.

The CSRC researchers are no strangers to discovering unique computer vulnerabilities; recently they published their findings on how data can be stolen from a computer’s cooling fan.

Read more on the Science Alert website >>