Slashdot Mirror


Air-Gapped Computer Hacked (Again)

An anonymous reader writes: Researchers from Ben Gurion University managed to extract GSM signals from air-gapped computers using only a simple cellphone. According to Yuval Elovici, head of the University’s Cyber Security Research Center, the air gap exploit works because of the fundamental way that computers put out low levels of electromagnetic radiation. The attack requires both the targeted computer and the mobile phone to have malware installed on them. Once the malware has been installed on the targeted computer, the attack exploits the natural capabilities of each device to exfiltrate data using electromagnetic radiation.

8 of 80 comments

  1. Old news is so exciting by Anonymous Coward · · Score: 5, Insightful

    This just in, TEMPEST is a thing. Again.

    1. Re:Old news is so exciting by fuzzyfuzzyfungus · · Score: 5, Insightful

      It isn't conceptually novel; but doing a practical TEMPEST attack with nothing but a dumbphone, with a fairly unobtrusive software modification, rather than a relatively classy SDR rig or some antenna-covered fed-van is a nice practical refinement.

      Really, how many 'tech news' stories are actually conceptually novel, rather than "Thing you could lease from IBM for the GDP of a small country in the 60s and 70s, or buy from Sun or SGI for somewhere between the price of a new house and the price of a new car in the 80s and early 90s, is now available in a battery powered and pocket sized device that shows ads!" Conceptual novelty has a special place, of course; but one ought not to scorn engineering refinement.

  2. "If you install x on both computers...." by jafiwam · · Score: 5, Insightful

    This is just a new way to make a very slow, very crappy network connection via unexpected hardware.

    "Hacking" has SOME meaning ya dummies. It implies that there isn't a willful participant at one end and the data breach happened anyway.

    Whatever this is... it isn't 'hacking'.

    1. Re:"If you install x on both computers...." by fuzzyfuzzyfungus · · Score: 4, Insightful

      It isn't a standalone hack, since placing the implant is left as an exercise for the reader; but exfiltration is a necessary ingredient of hacks in situations where a network connection either doesn't exist or can't safely be used.

  3. Hacked Computer with air gap not completely secure by cnaumann · · Score: 4, Insightful

    That headline would be a little more accurate but far less sexy.

  4. really bad title by bloodhawk · · Score: 4, Insightful

    NO, the air gap computer wasn't hacked. If you require them to install malware on it then it wasn't actually hacked, the air gapping is to prevent any malware from getting in. This is like a heap of other sensational articles from security researchers that claim how weak something's security is as long as they had physical access or admin access, yeah no shit Sherlock, if you can install software on a computer you can do all sorts of nifty shit.

    1. Re:really bad title by Anonymous Coward · · Score: 1, Insightful

      The title is bad.... but it is still a "hack." One reason to air gap a network is to prevent the exfiltration of data, which this is able to do through a covert channel. This program circumvents that security, albeit with the high bar of first needing a way to install malware on the machine and leave a phone nearby.

      So James Bond breaks into the high security area, installs the malware, and leaves. From then on classified data can be slowly siphoned without anyone else knowing.

  5. Re:If you have physical access... by gstoddart · · Score: 4, Insightful

    It requires someone to have access, but not necessarily you.

    Say I know every Tuesday you need to transfer data to your air gapped computers. Now, assume the source of that data is somehow less secure and I can target that. Now, the person who is supposed to be in there is the only one who ever is, and unknowingly transfers the appropriate code to get into your systems.

    See, the thing about security is that it's only as strong as the weakest link. If there is ever any data transfer in or out of your secure system, that becomes the weak link.

    With some cleverness and patience, it is entirely possible this can be done entirely remotely, with all of the physical access being done by trusted people. And then your assertion about needing physical access becomes provably false.

    Assuming your air-gapped machine periodically needs new inputs, and assuming you don't have people type that in from paper copy ... then however you get stuff on or off that computer is the thing you target.

    Sure, the guys with guns and video cameras won't let me into your secure room. But they do let someone in. And that someone can be made to unwittingly do your dirty work.

    I don't think my scenario is even remotely implausible. If you have enough motivation, patience, and resources, you can accomplish an awful lot when it comes to bypassing security. And most nation states have all of those things, and lots of people actively working on it.

    --
    Lost at C:>. Found at C.