Mind the Gap

Your air-gapped computer is not as secure as you originally thought

Researchers at the cyber division of Ben-Gurion University (BGU) discovered that Faraday cages and air-gapped systems can be compromised very easily.

"In two newly-released reports, the team demonstrated how attackers can bypass Faraday enclosures and air gaps to leak data from the most highly secured computers. The Odini method, named after the escape artist Harry Houdini, exploits the magnetic field generated by a computer’s central processing unit (CPU), to circumvent even the most securely-equipped room," according to a BGU blog post.

Air-gapped computers are considered to be the most secure, as they are completely isolated from any other system. These systems can be made even more secure by putting them in a sealed Faraday cage or room to eliminate any intervention via electromagnetic signals.

"While Faraday rooms may successfully block electromagnetic signals which emanate from computers, low-frequency magnetic radiation disseminates through the air, penetrating metal shields within the rooms," explained Dr. Guri, one of the researchers. "That’s why a compass still works inside of a Faraday room. Attackers can use this covert magnetic channel to intercept sensitive data from virtually any desktop PCs, servers, laptops, embedded systems and other devices."

Guri said that while everyone was talking about breaking the air gap to get in, no one considered getting the information out. That became the area of exploration and research of his team. His team also assumed that the targeted air-gapped system had already been infected with malware, through mediums like USB drives or other temporary connections that could have been used to either transfer data or update the system. That’s very likely how Iranian air-gapped computers were infected with Stuxnet malware.

So, mind the gap.

02/14/2018