Slashdot Mirror

← Back to Stories (view on slashdot.org)

Air-Gapped Computer Hacked (Again)

Posted by samzenpus on from the protect-ya-neck dept.

An anonymous reader writes: Researchers from Ben Gurion University managed to extract GSM signals from air gapped computers using only a simple cellphone. According to Yuval Elovici, head of the University’s Cyber Security Research Center, the air gap exploit works because of the fundamental way that computers put out low levels of electromagnetic radiation. The attack requires both the targeted computer and the mobile phone to have malware installed on them. Once the malware has been installed on the targeted computer, the attack exploits the natural capabilities of each device to exfiltrate data using electromagnetic radiation.

11 of 80 comments (clear)

  1. Old news is so exciting by Anonymous Coward · · Score: 5, Insightful

    This just in, TEMPEST is a thing. Again.

    1. Re:Old news is so exciting by dave1791 · · Score: 4, Informative

      Parent beat me to the comment. TEMPEST has been around since at least the 80's folks.

    2. Re:Old news is so exciting by fuzzyfuzzyfungus · · Score: 5, Insightful

      It isn't conceptually novel; but doing a practical TEMPEST attack with nothing but a dumbphone, with a fairly unobtrusive software modification, rather than a relatively classy SDR rig or some antenna-covered fed-van is a nice practical refinement.

      Really, how many 'tech news' stories are actually conceptually novel, rather than "Thing you could lease from IBM for the GDP of a small country in the 60s and 70s, or buy from Sun or SGI for somewhere between the price of a new house and the price of a new car in the 80s and early 90s, is now available in a battery powered and pocket sized device that shows ads!" Conceptual novelty has a special place, of course; but one ought not to scorn engineering refinement.

    3. Re:Old news is so exciting by SuiteSisterMary · · Score: 4, Interesting

      Sure, but it still involves physical access to the machine. Headline should have read something like 'novel new way to get data remotely off of compromised non-networked computers'.

      --
      Vintage computer games and RPG books available. Email me if you're interested.
  2. "If you install x on both computers...." by jafiwam · · Score: 5, Insightful

    This is just a new way to make a very slow, very crappy network connection via unexpected hardware.

    "Hacking" has SOME meaning ya dummies. It implies that there isn't a willful participant at one end and the data breech happened anyway.

    Whatever this is... it isn't 'hacking'.

    1. Re:"If you install x on both computers...." by fuzzyfuzzyfungus · · Score: 4, Insightful

      It isn't a standalone hack, since placing the implant is left as an exercise for the reader; but exfiltration is a necessary ingredient of hacks in situations where a network connection either doesn't exist or can't safely be used.

    2. Re:"If you install x on both computers...." by gstoddart · · Score: 5, Interesting

      But so what? If you can get someone inside the secure area where the super secret machines are, and you can put a small amount of malware on them, you can gain access to them.

      Yes, you won't do this with a remote exploit, but if you can subvert one person you can get into stuff.

      So, like in Ocean's 11 where the guy dressed as the technician hooks into the system and nobody knows it, this is a way in which the bad guys can get your stuff.

      And if you know that air gapped computers likely rely on some form of portable media on some form of regular schedule, and you can target that remotely, you really don't need a willing participant on the other end. The portable media might do the job for you without anybody even knowing about it.

      If I can compromise your top secret computers by figuring out the weak link of getting this stuff onto them, then from an espionage sense of the word, I'm inside 'yer stuff and I can has cheeseburger.

      It sure as hell is hacking by any meaningful sense of the word.

      To many of us, 'hack' absolutely includes a clever new way of gaining access to something by exploiting something something unexpected. Doing it over an air gap is pretty unexpected since traditionally we say computers are secure if they're not connected to a network and inside a locked room. With this, not so much.

      Once you have the technique, the social engineering or other cheating to get the access is something pretty much well covered by the rest of the espionage playbook. Hell, it's pretty well covered in books and movies.

      --
      Lost at C:>. Found at C.
  3. Hacked Computer with air gap not completely secure by cnaumann · · Score: 4, Insightful

    That headline would be a little more accurate but far less sexy.

  4. really bad title by bloodhawk · · Score: 4, Insightful

    NO, the air gap computer wasn't hacked. If you require them to install malware on it then it wasn't actually hacked, the air gapping is to prevent any malware from getting in. This is like a heap of other sensational articles from security researchers that claim how weak somethings security is as long as they had physical access or admin access, yeah no shit Sherlock, if you can install software on a computer you can do all sorts of nifty shit.

  5. Motorola C123 = almost SDR by citizenr · · Score: 4, Informative

    Phone shown in the video is a variant of Motorola C123, Calypso Chipset design with leaked firmware source and semi documented dsp
    http://bb.osmocom.org/trac/wik...

    it isnt some dumb phone, its an SDR platform capable of running primitive GSM base station, or sniffing GSM traffic.

    --
    Who logs in to gdm? Not I, said the duck.
  6. Re:If you have physical access... by gstoddart · · Score: 4, Insightful

    It requires someone to have access, but not necessarily you.

    Say I know every Tuesday you need to transfer data to your air gapped computers. Now, assume the source of that data is somehow less secure and I can target that. Now, the person who is supposed to be in there is the only one who ever is, and unknowingly transfers the appropriate code to get into your systems.

    See, the thing about security is that it's only as strong as the weakest link. If there is ever any data transfer in or out of your secure system, that becomes the weak link.

    With some cleverness and patience, it is entirely possible this can be done entirely remotely, with all of the physical access being done by trusted people. And then your assertion about needing physical access becomes provably false.

    Assuming your air-gapped machine periodically needs new inputs, and assuming you don't have people type that in from paper copy ... then however you get stuff on or off that computer is the thing you target.

    Sure, the guys with guns and video cameras won't let me into your secure room. But they do let someone in. And that someone can be made to be unwittingly do your dirty work.

    I don't think my scenario is even remotely implausible. If you have enough motivation, patience, and resources, you can accomplish an awful lot when it comes to bypassing security. And most nation states have all of those things, and lots of people actively working on it.

    --
    Lost at C:>. Found at C.