If you have an air-gapped computer, you probably think you’re safe. You may think that barring physical access to the machine, no hacker could possibly steal the data on that machine. Unfortunately, you’d be incorrect.
Security researchers from the Ben Gurion University of the Negev, in Israel, have discovered a new way of stealing data using power lines. While that may sound like science fiction, it’s actually real and a genuine threat, even to computers thought to be highly secure.
If you’re not familiar with the term, an air gapped computer is one that is isolated from local networks and the internet. Because it’s not connected to anything, these machines have long been regarded as the ultimate in data security and are used by governments and corporations to store their most sensitive data.
Here’s what the researchers had to say about their discovery:
“As a part of the targeted attack, the adversary may infiltrate the air-gapped networks using social engineering, supply chain attacks, or malicious insiders. Note that several APTs discovered in the last decade are capable of infecting air-gapped networks (e.g. Turlal, RedOctober and Fanny).
However, despite the fact that breaching air-gapped systems has been shown feasible, the exfiltration of data from an air-gapped system remains a challenge.”
Up until now, anyway.
The researchers have dubbed this new technique “PowerHammer,” and it accomplishes the task of siphoning data from air-gapped systems by creating fluctuations in the flow of electrical current to create a Morse-code-like pattern, which can be used to create a simple binary system.
That accomplished, the only other thing that’s needed is a piece of hardware to monitor the flow of electricity as it passes through power lines and then, decode the signal. According to the research team, data transfer speeds of up to 1000bps can be achieved.
This should scare the daylights out of anyone in data security.