Skip to main content

Hackers circumvent 'air gap' security with a drone that 'reads' the lights on a computer

If you weren’t concerned about the sight of a drone hovering outside your window peering in at you (and, for the record, you probably should be!), you certainly will when you hear that it could be extracting sensitive data from your computer.

That is according to researchers in the Cyber Security Research Labs at Ben-Gurion University of the Negev in Beersheba, Israel, who have demonstrated an espionage technique that would make James Bond blush, in which a quadcopter films the flashing LED lights on a computer and uses this to steal your data, via a Morse code-style message.

Recommended Videos

“In this work, we found a novel method to extract data from a computer in a very covert and speedy way,” researcher Mordechai Guri, the research and development manager at Cyber Security Research Labs, told Digital Trends.

The attack method is designed to get around computers which use an “air gap” to protect them, basically removing them from the internet so they can’t be hacked in traditional ways.

Fortunately, things are a bit more complicated than simply getting a camera-equipped drone to play peeping tom. To work, the targeted computer first needs to be infected with malware on a USB or SD card, so would-be villains will need to think of a clever way to smuggle one of those into your office before they even think about firing up a UAV.

No, it’s not enormously practical — but due to the speed that LED lights can blink (faster than a human eye), it is possible for hackers to achieve up to 4,000 bits-per-second in data transfer. A couple of megabytes an hour means that it would take aggressors a long time to extract your HD copy of Rogue One: A Star Wars Story, but it does mean that stealing an encryption key wouldn’t take too long.

LED-it-GO. Jumping the Air-Gap with a small HardDrive LED

“We’re academic researchers. We don’t deal with use-cases, but just establish and analyze possible ways to do this,” Guri said. “Certainly, this is not a usual regular grade attack. However, there are organizations such as banks that have air-gapped computers with valuable, sensitive information they want to keep private. In that case, it’s not unimaginable that we may see more extreme methods used to extract data.”

So how should they protect against such an ultra high-tech attack? Ironically, in the most low-fi ways possible. “You could try putting tape over the LEDs, but that’s not an elegant solution,” Guri continued. “Another solution would be to have the computer in a room with blacked-out windows or curtains to reduce the optical visibility of the computer from outside.”

So, basically, the anti-hacking security version of ‘have you tried turning it off and on again?’ advice.

Luke Dormehl
I'm a UK-based tech writer covering Cool Tech at Digital Trends. I've also written for Fast Company, Wired, the Guardian…
Watch Amazon’s new Ring security drone take on a burglar in first ad
ring always home cam autonomous flying camera news specs price alway connect 2 of 3

 

Amazon unveiled a bunch of new products on Thursday, September 24, including Ring’s Always Home Cam.

Read more
Amazon’s Prime Air drone delivery plan takes important step forward
watch amazons all new delivery drone zipping through the sky amazon prime air  2019

When Amazon chief Jeff Bezos announced in December 2013 that he wanted to deliver customer packages using small, autonomous flying machines, some people thought he might be in need of a lie-down.

But Bezos was serious, and ever since then, Amazon has been investing time and money in the development of a drone platform that could one day help the company to improve its last-mile delivery performance.

Read more
The Ioniq 5 is once again eligible for the $7,500 tax credit
2025 Hyundai Ioniq 5

After a brief and confusing absence, the Hyundai Ioniq 5 is once again eligible for the full $7,500 federal tax credit — and this time, it's sticking around (at least for now). So, what happened? Let’s unpack the ride.

The Ioniq 5, a sleek and tech-savvy electric crossover, initially made headlines not just for its design, but for being built at Hyundai’s brand-new Metaplant in Georgia. That domestic assembly qualified it for the EV tax credit under the Inflation Reduction Act (IRA), which requires vehicles to be made in North America with batteries sourced from trade-friendly countries. But early in 2025, the Ioniq 5 vanished from the list. Why? Likely due to its battery packs, which were then still being sourced from SK On’s Hungarian facility.

Read more