
Not even devices disconnected from the internet are safe

April 24, 2017 | October 23rd, 2018 | Security

By now you have probably heard about dozens, if not hundreds, of different ways hackers exploit computers and computer networks, each craftier than the last. One theme is usually common across these attempts: the internet. Hackers usually find their way into your network or connected device because of that “connected” part. When you are connected to the internet, that connection is a gateway through which anyone can potentially reach you. If you are trying to stay off the grid and protect sensitive data, you might say to yourself, “I just won’t connect that device to the internet and they can’t get me.” This seems like a pretty airtight concept, but of course someone somewhere found a way to bypass it.

Naturally, the only way around this is to relay data by some means other than the web. A group of researchers at Ben-Gurion’s cybersecurity lab devised a way to obtain data from a computer secured behind what is known as an “air gap”, where the computer is disconnected from the internet. All they needed to do was get malware planted on the system. How? You just need an insider, or some way to get the malware onto the computer with a USB drive or SD card. That could be as simple as paying someone to infect it; they don’t have to go download the hard drives or do anything crazy, just plant the malware on the device. The next step is to recover that information, and you’ll be shocked at how they did it…

The research team from Ben-Gurion University flew a drone up to the window of an office building and viewed the computer’s hard drive indicator light. That tiny light that blinks when your hard drive is in use is all that they needed to transmit data and steal information off of the computer in the “air gap”. You can see for yourself how they did it in this YouTube video: https://bit.ly/air-gap.

Each blink of the indicator light is like a Morse code signal that a drone, or even a telescopic lens, could view and use as information. While the data transfer rate is not exactly high-speed internet (only about a megabyte every half hour), it is fast enough to grab an encryption key in a couple of seconds.

As mentioned before, this is not some operation you see in the movies, with someone breaking in and having to download files and get out, or your screen getting locked up by a virus. In fact, this is so covert that you would likely have no idea it is happening. The hard drive light is always blinking, so that would never tip you off. All someone needs is a simple smartphone camera, which can capture data at around 60 bits per second; a more advanced high-frequency light sensor could capture data at 4,000 bits per second. When a high-frequency sensor is used, the light could even blink so briefly that it would be undetectable to human eyes.
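Because the eye cannot tell signalling from ordinary disk activity, a defender can check the timing instead. The sketch below is an added example, not code from the article or from the researchers: it flags a trace whose LED-on durations cluster on whole multiples of one base unit, as a clocked signal would. It assumes the durations (in milliseconds) come from a light sensor on the LED or a disk-activity trace and that the signalling uses a fixed symbol clock; the function names, thresholds and both sample traces are constructed for illustration.

```python
from statistics import median

def quantized_fraction(durations_ms, tol=0.15):
    """Fraction of pulses whose length is within `tol` of a whole
    multiple of the base unit (estimated from the shortest pulses)."""
    shortest = min(durations_ms)
    # Base unit: median of the pulses in the shortest cluster.
    unit = median([d for d in durations_ms if d <= 1.5 * shortest])
    hits = 0
    for d in durations_ms:
        ratio = d / unit
        if abs(ratio - round(ratio)) <= tol:
            hits += 1
    return hits / len(durations_ms)

def looks_like_signalling(durations_ms, min_pulses=16, threshold=0.9):
    """True when enough pulses were seen and nearly all of them sit on
    the same timing grid. Ordinary I/O produces scattered lengths."""
    if len(durations_ms) < min_pulses:
        return False  # too little evidence to judge
    return quantized_fraction(durations_ms) >= threshold

# Constructed sample: pulses on a ~10 ms grid with small jitter.
CLOCKED_MS = [10.2, 9.8, 20.1, 10.0, 30.3, 9.9, 10.1, 19.7, 10.3,
              20.2, 9.7, 10.0, 29.8, 10.1, 20.0, 9.9, 10.2, 19.9]

# Constructed sample: bursty, irregular disk activity.
NORMAL_MS = [3.1, 47.5, 12.4, 8.6, 130.2, 5.5, 22.7, 61.3, 4.4,
             17.6, 9.3, 75.8, 2.6, 35.4, 14.5, 6.7, 98.5, 27.4]

if __name__ == "__main__":
    for name, trace in (("clocked", CLOCKED_MS), ("normal", NORMAL_MS)):
        print(name, round(quantized_fraction(trace), 2),
              looks_like_signalling(trace))
```

A hit from this heuristic is a reason to inspect the machine, not proof of compromise; the sensor must sample fast enough to resolve the shortest blinks.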

The good part about all of this is that there are some easy ways to avoid this type of attack. For one, keep any devices you are keeping in the “air gap” (disconnected from the internet) in a room away from windows. Another way is to just cover the LED indicator light, plain and simple. So while the solutions to prevent something like this might be pretty simple, the idea is to keep your mind open to the fact that hackers will always be searching for new ways into your devices.