If you fear your computer may be getting hacked, disconnecting it from the internet is a good first step. However, that ‘air gap’ by itself is not necessarily enough to prevent data from being stolen from your PC.
lsraeli scientists have recently discovered a new way for data to be extracted from even air-gapped (physically isolated) computers, with a new malware attack that combs data from the whirring sound of your PC’s internal fan.
Get our weekly highlights directly in your inbox!Sign up
In a paper published by Ben-Gurion University, Researcher Mordechai Guri, head of Ben-Gurion’s Cyber Security Research Center (CSRC), along with his team, Yosef Solewicz, Andrey Daidakulov, and Prof. Yuval Elovici, presented how they were able to succesfully access data from an air-gapped computer, one without an internet connection and not networked with computers with an internet connection, which are used for the most secretive tasks.
Computers have two or more fans which revolve at an audible frequency. Guri’s team used the audible sounds of the computer’s cooling fans to steal its data. By introducing malware into the air-gapped computer, the team was able to take control of the fans and have them spin at varying frequencies and transmit data to a nearby device. The “fansmitter”, as the team calls it, even works on computers that have deactivated their speakers or do not have any speakers attached.
While the method can only be used to steal small amounts of data, the team still managed to steal enough data to get usernames, passwords and encryption keys. So far the team has been able to steal data at a rate of 15 to 20 bits per minute, but they are working on finding ways to increase that speed.
Guri and his team have also proposed several other methods to penetrate air-gapped computers using elements like radio waves, electromagnetic waves and even the heat the computer generates.
Pictures and videos: Ben-Gurion University, Pixabay