Hard Drive Noise is Not Safe !

Stealing Data Without having any Connection on the Computer  

Air-gapped computer is an isolated computer without any network connection for long it was considered the most secure and safest place for storing data in critical infrastructures such as industrial control systems, classified military networks…

However, these systems was a research subject for cybersecurity experts, which proves that these isolated systems are not completely secure!

Previous techniques of hacking air gap computers include:

·         AirHopper that turns a computer's video card into an FM transmitter to capture keystrokes;

·         BitWhisper that relies on heat exchange between two computer systems to stealthily security keys;

·         Stealing the secret cryptographic key  a Side-Channel Attack.

·          

Now, researchers have devised a new method to steal data from an infected computer even if it has not been physically connected to the Internet .

'DiskFiltration' Research:

The new research focused on, once infected, how the malware would be able to transfer data (passwords, cryptographic keys, keylogging data, etc.) stored on an air-gapped computer without any electronic device connected to it.

A team of researchers from Ben-Gurion University published their finding in a paper titled,

"DiskFiltration: Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard Drive Noise,"

explaining a unique technique that uses acoustic signals (or sound signals) emitted from the (HDD) of the targeted air-gapped computer to transfer the data.

How DiskFiltration Works?

You might have felt something generating weird noise while your are using your computer.
That voice is due to the "actuator" inside your hard drive, which moves on the disk plate while accessing blocks of storage.

The researchers used their malware to manipulate the movements of the actuator in very specific way to generate noise like the morse code that they interpreted into binary data using a smartphone app from six feets away, at a speed of 180 bits per minute.

This technique is fast enough to transmit a 4,096-bit key within 25 minutes