By Eduard Kovacs on October 30, 2014
Bypassing Air Gap Security: Malware Uses Radio Frequencies to Steal Data from Isolated Computers
A proof-of-concept malware developed by researchers at the Ben Gurion University in Israel shows that an attacker can transmit sensitive information from isolated computers to nearby mobile phones by using radio signals.
Numerous organizations have resorted to what is known as "air gapping" to secure their most sensitive information. This security method can be efficient because the protected devices are isolated from the Internet, which makes them difficult to compromise.
Getting a piece of malware onto isolated computers can be done in various ways, including with removable drives, such as in the case of Stuxnet, and outsourced software or hardware components. However, the more difficult part is getting that piece of malware to remotely transmit sensitive data from the infected computer.
The researchers have demonstrated that data exfiltration from an isolated device is possible via radio signals captured by a mobile device. The proof-of-concept malware they have created, dubbed "AirHopper," uses the infected computer's graphics card to emit electromagnetic signals to a nearby mobile phone that's set up to capture the data.
"With appropriate software, compatible radio signals can be produced by a compromised computer, utilizing the electromagnetic radiation associated with the video display adapter. This combination, of a transmitter with a widely used mobile receiver, creates a potential covert channel that is not being monitored by ordinary security instrumentation," the experts wrote in a paper published on Wednesday.
Full Article
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.