Stealing Data Without having any
Connection on the Computer
Air-gapped computer is an
isolated computer without any network connection for long it was considered the
most secure and safest place for storing data in critical infrastructures such
as industrial control systems, classified military networks…
However, these systems was a research subject for cybersecurity experts, which proves that these isolated systems are not completely secure!
However, these systems was a research subject for cybersecurity experts, which proves that these isolated systems are not completely secure!
Previous techniques of hacking air gap computers include:
·
AirHopper that
turns a computer's video card into an FM transmitter to capture keystrokes;
·
BitWhisper that
relies on heat exchange between two computer systems to stealthily security
keys;
·
Stealing
the secret cryptographic key a Side-Channel Attack.
·
Now, researchers have devised a
new method to steal data from an infected computer even if it has not
been physically connected to the Internet .
'DiskFiltration'
Research:
The new research focused on, once
infected, how the malware would be able to transfer data (passwords,
cryptographic keys, keylogging data, etc.) stored on an air-gapped computer
without any electronic device connected to it.
A team of researchers from Ben-Gurion University published their finding in a paper titled,
"DiskFiltration:
Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard Drive
Noise,"
explaining a unique technique
that uses acoustic signals (or sound signals)
emitted from the (HDD) of the targeted air-gapped
computer to transfer the data.
How
DiskFiltration Works?
You might have felt something generating weird noise while your are using your computer.
That voice is due to the "actuator" inside your hard drive, which moves on the disk plate while accessing blocks of storage.
The researchers used their malware to manipulate the movements of the actuator in very specific way to generate noise like the morse code that they interpreted into binary data using a smartphone app from six feets away, at a speed of 180 bits per minute.
This technique is fast enough to transmit a 4,096-bit
key within 25 minutes