Data Exfiltrators Send Info Over PCs' Power Supply Cables

From a report on The Register: If you want your computer to be really secure, disconnect its power cable. So says Mordechai Guri and his team of side-channel sleuths at the Ben-Gurion University of the Negev. The crew have penned a paper titled PowerHammer: Exfiltrating Data from Air-Gapped Computers through Power Lines that explains how attackers could install malware that regulates CPU utilisation and creates fluctuations in the current flow that could modulate and encode data. The variations would be "propagated through the power lines" to the outside world.

Depending on the attacker's approach, data could be exfiltrated at between 10 and 1,000 bits-per-second. The higher speed would work if attackers can get at the cable connected to the computer's power supply. The slower speed works if attackers can only access a building's electrical services panel. The PowerHammer malware spikes the CPU utilisation by choosing cores that aren't currently in use by user operations (to make it less noticeable). Guri and his pals use frequency shift keying to encode data onto the line.

good luck getting past the UPS

Double-conversion UPS... the data stops there. There's your firewall.

Re:good luck getting past the UPS

[MDMurphy]

Based on the concept of motor-generators used for high-security facilities, a "secure " UPS could just use 2 batteries. Incoming power charges battery A while output runs on battery B.
Incoming power disconnects periodically, output switches to battery A and incoming switched to charging battery B.
If incoming power is lost ( the main reason for a UPS ) then both batteries are connected in parallel giving the user the full backup capacity.
At no time is the output connected to anything other than a battery.