What is Air-gapped system...???
Air gap refers to computers or n/w's that are not connected directly to the Internet or to any other computers that are connected to the Internet.
Where these Air-gapped systems used...???
Air-gapped systems are used in classified military n/w's, the payment n/w's that process Credit and Debit card transactions for retailers, and in industrial control systems that operate critical infrastructure. Even journalists use them to prevent intruders from remotely accessing sensitive data.
So, to siphon data from an Air-gapped system, generally requires physical access to the machine, using removable media like a USB flash drive or a FireWire cable to connect the Air-gapped system directly to another computer.
What researchers find to hack an Air-gapped system...???
Security researchers at Ben Gurion University in Israel have found a way to retrieve data from an Air-gapped computer using only " Heat Emissions " and a computer's built in " Thermal Sensors ".
The method would allow attackers to surreptitiously siphon passwords or security keys from a protected system and transmit the data to an Internet connected system that's in close proximity and that the attackers control. They could also use the Internet connected system to send malicious commands to the Air-gapped system using the same heat and sensor technique.
Watch video :
Click here---->>>. Hackers are using new method to hack any computer even it is Air-gapped
In this video, researchers showed how they were able to send a command from one computer to an adjacent machine to re-position a missile-launch toy the Air-gapped system controlled.
How much time and distance we need to send data....???
The proof of concept attack requires both systems to first be compromised with malware. And currently, the attack allows for just 8 bits of data to be reliably transmitted over an hour - a rate that is sufficient for an attacker to transmit brief commands or siphon a password or secret key but not large amount of data. It also works only if the Air-gapped system is within 40cm ( about 15 inches ) from the other computer the attackers control.
But, the researchers at Ben Gurion's Cyber Security labs, note that this latter scenario is not uncommon, because Air-gapped systems often sit on desktops alongside Internet-connected ones so that workers can easily access both.
Who developed this...???
The method was developed by Mordechi Guri in a project overseen by his adviser Yuval Elovici. The research represents just a first says Dudu Mimran, cheif technology officer at the lab, who says they plan to present their findings at a security conference in Tel Aviv next week and release a paper describing their work later on. They said, " they may be able to increase the distance between the two communicating computers and the speed of data transfer between them ".
How this technique works....???
Computers produce varying levels of heat depending on how much processing they're doing. In addition to the CPU, the graphics-processing unit and other mother board components produce significant hear as well. A system that is simultaneously streaming video, downloading files and surfing Internet will consume a lot of power and generate heat.
To monitor the temperature, computers have a number of built-in thermal sensors to detect heat fluctuations and trigger an internal fan to cool the system of when necessary or even shut it down to avoid damage.
The attack, which the researchers dubbed Bit whisper, uses these sensors to send commands to an Air-gapped system or siphon data from it. The technique works a bit like Morse Code, with the transmitting system using controlled increase of heat to communicate with the receiving system, which uses its built-in thermal sensors to then detect the temperature changes and translate them into a binary "1" or "0".
To communicate a binary "1" in their demonstration for example:, the researchers increase the heat emissions of the transmitting computer by just 1 degree over a predefined timeframe. Then to transmit a "0" they restored the system to its base temperature for another predefined timeframe. The receiving computer, representing the Air-gapped system, then translated this binary code into a command that caused it to reposition the toy missile launcher.
The researchers designed their malware to take into consideration normal temperature fluctuations of a computer and distinguish these from fluctuations that signal a system is trying to communicate. And although their malware increased the temperature by just one degree to signal communication, an attacker could increased the temperature by any amount as long as it's with in reason, to avoid creating the suspicion that can a company an overactive computer fan if the computer overheats.
Communication can also be bidirectional with both computers capable of transmitting or receiving commands and data. The same method, for example: could have been used to cause their Air-gapped system to communicate a password to the other system.
The malware on each system can be designed to search for nearby PCs BT instructing an infected system to periodically emit a thermal ping - to determine, for example; when a government employee has placed his infected laptop next to the classified desktop system. The two systems would then engage in a handshake, involving a sequence of " thermal pings " of +1C degrees each, to establish a connection.
But, in situations where the Internet-connected computer and the Air-gapped one are in close proximity for an ongoing period, the malware could simply be designed to initiate a data transmitted automatically at a specified time - perhaps at midnight when no one's working to avoid detection- without needing to conduct a handshake each time.
The time it take to transmit data from one computer to another computer depends upon several factors, including the distance between the two computers and their position and layout. The researchers experimented with a number of scenarios- with computer towers side-by-side, back-to-back and shaded on top of each other. The time it took them to increase the heat and transmit a " 1 " varied between 3 and 20 minutes depending. The time to restore the system to normal temperature and transmit a "0" usually took longer...
Future plan :
In the above video, they used one computer tower to initiate a command to an adjacent computer tower represented an Air-gapped system. But, future research might involve using the so-called internet of things as an attack vector- an Internet- connected heating and air conditioning system or a fax machine that's remotely accessible and can be compromised to emit controlled fluctuations in temperature.
Final Words....!!!
There is also another way to hack the computer's data with the heat releasing technique. I'll post soon.. So, any suggestions or queries...??? Please comment below...
No comments:
Post a Comment