To Customer Support To Customer Support

?Security researcher uses radio frequencies to smuggle data out of isolated network

  • 29 October 2014
  • 7 replies
  • 910 views
Richard
Userlevel 6
Well, this changes things a little bit.  I remember hearing this as a possibility but never had I heard of it being actually done.  It was all theory before.
 
Source: http://www.engadget.com/2014/10/29/fm-data-leaking/?ncid=rss_truncated


 
Think your completely isolated, internet-disconnected "air gap" computer network is secure from wireless infiltration? Think again -- security researchers at Ben-Gurion University in Israel have found a way to lift data from closed networks using little more than a standard computer monitor and FM radio waves. It's a pretty clever trick: researchers have created a keylogging app called AirHopper that can transmit radio frequencies by exploiting the PC's display. A companion app on an FM-equipped smartphone can decode those transmissions and record the host machine's keystrokes in real-time.
 
Read more: http://www.engadget.com/2014/10/29/fm-data-leaking/?ncid=rss_truncated
--Richard Melick-- Marketing Outreach Specialist Webroot ThreatBlog Stay updated with unique security news and follow me on Twitter

7 replies

shorTcircuiT
Rank
Userlevel 7
Very interesting indeed!  As some who has a small amount of experience with radio theory, I really would not have thought about this as a possible exploit to be honest!
 
Once I think about it though... it does make a remarkable amount of sense.  
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54
Great article Richard thank you for posting it.
Quite worrying actually for businesses, but I think it was only a matter of time before someone took this approach. I would imagine to prevent some unscrupulous employees using this method to send data outside would be to lock down the computers totally, but I wonder how practical that would be in some circumstances.
shorTcircuiT
Rank
Userlevel 7
I have to admit, I think this hack would be a lot easier, or have a farther broadcast range, if the monitors in question were the old CRT type.  Flat screens do not generate as stong a magnetic field.  I really would not have thought this possible on modern displays to be honest.
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54
Thinking about it David you are probably right. It is a few years since I was "into" radios and my knowledge has lapsed quite a bit.
shorTcircuiT
Rank
Userlevel 7
@ wrote:
Thinking about it David you are probably right. It is a few years since I was "into" radios and my knowledge has lapsed quite a bit.
Same here... my HAM license is going unused, but I still keep the call sign.
Baldrick
Rank
Userlevel 7
Hmmmmm...I am not sure if this is all that new in concept as I recall that a few years ago there was a big furore about the possibility of picking up what a user sees on their screen remotely, over the airwaves due to CRT displays effectively "
'broadcasting' information..so is this not just an extrapolation/extension of this and why really secure terminals are usually sited in a screened location that prevents the ingress or egress of radio signals, etc?
 
Just a thought/recollection of an old fogey...;)
 
Baldrick
Webroot SecureAnywhere Complete Beta Tester v9.0.24.49, imaged by Macrium Reflect v7.2
shorTcircuiT
Rank
Userlevel 7
@ wrote:
Hmmmmm...I am not sure if this is all that new in concept as I recall that a few years ago there was a big furore about the possibility of picking up what a user sees on their screen remotely, over the airwaves due to CRT displays effectively "
'broadcasting' information..so is this not just an extrapolation/extension of this and why really secure terminals are usually sited in a screened location that prevents the ingress or egress of radio signals, etc?
 
Just a thought/recollection of an old fogey...;)
 
Baldrick
Exactly Baldrick, a CRT I can see this being very possible... but I would not have thought a flat screen would generate the needed field

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.