One solution is to “air-gap” important systems, or separate them from other computers and the network at large by removing any remote access. It’s a solid plan, but now researchers from the Cyber Security Labs at Ben Gurion University have skirted that security method. The team managed to transfer data using an infected PC’s cooling fans.
To do this, the computer has to be infected with malware designed for it. Once it’s installed, the malware flips the fan speed between 1,000 RPM and 1,600 RPM, an audible difference that a microphone, like one found on a smartphone, can easily pick up on. The demo shows the computer rattling off a long chain of numbers, in binary because of the fan’s two speeds, and a nearby phone listening and interpreting.
In doing so, the malware effectively defeats the air gap. A computer with absolutely nothing connected to it — not even a monitor — could still have data stolen with this attack. The catch, of course, is that a device with a microphone needs to be planted near the target device. That means this malware is never going to target massive numbers of users, but it could still be used to pull off heists worthy of a Bond film.
The malware, which the team calls “Fansmitter,” allows for up to 1,200 bits an hour to be transmitted, in ones and zeroes, over the air to a phone. That’s a full 150 alphanumeric characters per hour, more than enough to steal a couple of passwords or an encryption key.
Malware that attacks air-gapped systems has become an increasingly popular topic over the last few years, as the methods of limiting access to a networked machine become less effective. Fansmitter is not the most practical attack, but it proves that even keeping a system disconnected from the Internet — and any peripherals — does not provide absolute security.
- Gmail is getting a major visual change, but you can opt out
- Twitter is officially testing Notes, its long-form blogging feature
- This simple app makes brilliant use of the MacBook notch
- WhatsApp now lets you control who can see your profile
- MacBook Air 2022: M2 chip, new colors, thinner bezels, and more