WHY THIS MATTERS IN BRIEF
- Air gapped systems are used to hold and protect top secret data, and they’re becoming increasingly vulnerable to hacks
Air gapped computer systems have always held a special fascination for hackers – firstly because of the challenge that surrounds being able to hack a system that’s logically and physically isolated from the rest of its tribe, and secondly, and probably more importantly because of the classified and sensitive data they hold. Air gapped systems, after all, are par for the course within organisations, such as defence, government and national security agencies that create and collect highly sensitive, top secret information.
Over the past twelve months we’ve seen a few new hacks that steal information from these isolated systems – everything from listening to hard drives to creating new viruses that use microphones to jump between the air gaps.
Now security experts in Israel have managed to demonstrate for the first time that you can also steal data from these systems by blinking and reading the LED’s on the front of them, and to prove it they enlisted the help of a drone.
Security researchers from Ben Gurion University recently demonstrated an attack in which they infected an air gapped machine with malware that could control the systems LED and cause it to blink in a pattern which transmitted sensitive, encoded data from the machine – just like Morse Code.
In a YouTube video put together by the researchers, a drone with a camera is flown up multiple stories outside of an office building until it locates the blinking HDD LED, and once it’s in the line of sight of the LED, it records the blinks and steals the data.
According to the researchers report, the LED can be forced to blink at up to 5,800 blinks per second, far beyond the rate that can be detected by the human eye. And even if the blinking was detected then LED’s are always blinking, and this makes the attack covert in a way that makes it likely it wouldn’t be noticed by the user in any case.
“Our experiment shows that sensitive data can be successfully leaked from air gapped computers via the HDD LED at a maximum bit rate of 4,000 bits per second – depending on the type of receiver and its distance from the transmitter,” the report said, “notably, this speed is 10 times faster than the existing optical covert channels for air gapped computers. These rates allow fast exfiltration of encryption keys, keystroke logging, and text and binary files.”
Citing other research, the report noted that the computer LED could be detected by certain cameras from 30 meters away or further and to encode the actual data, the report cited three main methods; On-Off Keying (OOK), Manchester Encoding and Binary Frequency Shift Keying (B-FSK).
While the new hack is unlikely to trick the more advanced security organisations though, like the NSA whose systems are buried deep in data centres below ground and out of the sight of cameras, it will still be an effective way to extricate sensitive data from millions of other commercial organisations, such as banks and energy companies.
In order to protect themselves though companies could ban cameras, cover or disconnect LEDs and shield windows, as well as invest in LED activity monitoring software, an LED activity monitoring camera, or signal jamming software.
Ultimately the new hack is just another step in the war of one upmanship but, again, it’s another hack that organisations now need to protect themselves against that didn’t exist before.
Matthew Griffin Global Futurist, Tech Evangelist, X Prize Mentor ● Int'l Keynote Speaker ● Disruption, Futures and Innovation expert
Matthew Griffin, Futurist and Founder of the 311 Institute, a global futures think tank, is described as “The Adviser behind the Advisers.” Recognised in 2013, 2015 and 2016 as one of Europe’s foremost futurists, innovation and strategy experts Matthew mentors several XPrize teams, and is an award winning author, entrepreneur and international speaker who is regularly featured on the BBC, Discovery, Kurzweil, Newsweek, TechCrunch and VentureBeat. Working hand in hand with accelerators, investors, governments, multi-nationals and regulators around the world Matthew shines a light on the future and helps them transform their industries, organisations, products and services by demonstrating how the combination of democratised, and increasingly powerful emerging technologies, are helping fuel cultural, industrial and societal change that is transforming old industries and creating new ones. Matthew’s clients include Accenture, Bain & Co, Bank of America, Booz Allen Hamilton, Boston Consulting Group, Dell EMC, Deloitte, Deutsche Bank, E&Y, Fidelity, Goldman Sachs, Huawei, JP Morgan Chase, KPMG, McKinsey & Co, PWC, Qualcomm, SAP, Schroeder’s, Sequoia Capital, UBS, the UK’s HM Treasury, the USAF and many others.