
WHY THIS MATTERS IN BRIEF

Security is a game of cat and mouse, and there are plenty of ways to steal top secret data …

 


If you have top secret data to protect, such as, in today’s climate, the Covid-19 vaccine data that certain governments around the world are reportedly trying to steal rather than work together, then there’s nothing quite as comforting as an air gap. Air gaps protect your servers, networks and, most importantly, data by keeping them to all intents and purposes “off” the internet and physically separate from the remainder of your company’s infrastructure so no one can hack them.

 


Well, that used to be the case at least, until researchers at the Ben-Gurion University in Israel discovered new ways to exfiltrate your precious data from these systems using everything from drones and lights, electromagnetic attacks and infrared, all the way through to reading the vibrations from electric powerlines.

Now that same team have done it again and unveiled a new method of exfiltrating data from air-gapped computers via fan vibrations. It’s the latest in a series of data-stealing tactics Guri and his team have demonstrated, all of them focused on methods of invisibly transmitting data from computers that are supposed to be isolated and completely secure.

 


This technique, dubbed AiR-ViBeR, uses data encoded in fan vibrations to allow a system to pass information to a hidden observer. Guri and his team specialize in side-channel attacks, defined as “any attack based on information gained from the implementation of a computer system, rather than weaknesses in the implemented algorithm itself.” Spectre and Meltdown are the two most famous side-channel attacks in tech history at this point, but side-channel attacks come in many guises and the laws of physics make them very difficult to prevent.

 

 


The reason it’s so difficult to stop side-channel attacks is that a CPU or GPU will draw different amounts of power, radiate different amounts of heat, and run its fans at different speeds depending on the workload being executed.

 


The research team writes:

“In this paper, we introduce a new type of vibrational (seismic) covert channel. We observe that computers vibrate at a frequency correlated to the rotation speed of their internal fans. These inaudible vibrations affect the entire structure on which the computer is placed. Our method is based on malware’s capability of controlling the vibrations generated by a computer, by regulating its internal fan speeds. We show that the malware-generated covert vibrations can be sensed by nearby smartphones via the integrated, sensitive accelerometers. Notably, the accelerometer sensors in smartphones can be accessed by any app without requiring the user permissions, which make this attack highly evasive. We implemented AiR-ViBeR, malware that encodes binary information, and modulate it over a low frequency vibrational carrier. The data is then decoded by malicious application on a smartphone placed on the same surface (e.g., on a desk).”

This is the very essence of a side-channel attack. The malware in question doesn’t exfiltrate data by cracking encryption standards or breaking through a network firewall; instead, it encodes data in vibrations and transmits it to the accelerometer of a smartphone.
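A defender-side check for the fan-modulation channel described above, added here as an example (it is not code from the researchers or from this article): it flags windows of host telemetry in which the fan keeps switching speed while the temperature stays flat, which workload-driven fan control would not normally produce. The telemetry layout `(second, fan_rpm, cpu_temp_c)`, both sample traces and every threshold are assumptions made for the illustration.

```python
def rpm_transitions(samples, min_step_rpm=300):
    """Indices where fan RPM jumps by at least min_step_rpm between samples."""
    return [i for i in range(1, len(samples))
            if abs(samples[i][1] - samples[i - 1][1]) >= min_step_rpm]


def suspicious_windows(samples, window=20, min_transitions=4,
                       max_temp_spread=2.0, min_step_rpm=300):
    """Flag fixed-size windows with repeated fan-speed switching that the
    temperature does not explain. Thresholds are illustrative assumptions."""
    flagged = []
    for start in range(0, len(samples) - window + 1, window):
        chunk = samples[start:start + window]
        temps = [temp for _, _, temp in chunk]
        spread = max(temps) - min(temps)
        switches = len(rpm_transitions(chunk, min_step_rpm))
        # Normal fan control: RPM follows temperature, so many switches
        # should come with a visible temperature swing.
        if switches >= min_transitions and spread <= max_temp_spread:
            flagged.append((chunk[0][0], chunk[-1][0], switches, round(spread, 1)))
    return flagged


def benign_trace():
    """Constructed sample: idle for 10 s, then load raises temperature and RPM."""
    idle = [(i, 1200, 45.0) for i in range(10)]
    load = [(i, 2600, 62.0) for i in range(10, 20)]
    return idle + load


def modulated_trace():
    """Constructed sample: fan toggles between two speeds every 2 s while the
    temperature barely moves."""
    return [(i, 2000 if (i // 2) % 2 == 0 else 2600, 50.0 + 0.5 * (i % 2))
            for i in range(20)]


if __name__ == "__main__":
    print("benign   :", suspicious_windows(benign_trace()))
    print("modulated:", suspicious_windows(modulated_trace()))
```

Each flagged tuple is `(first_second, last_second, switch_count, temperature_spread)`; on a real host the thresholds would need tuning against that machine's normal fan curve.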

 


The speed of this exfiltration is anything but fast though. The highest speed the researchers measured was half a bit per second of information. What makes the attack interesting is the fact that it can be effectively deployed against an air-gapped system via a method of transmission effectively invisible to human senses. The low-level vibrations that a smartphone accelerometer can detect are too small for humans to sense.

This is also why side-channel attacks will always be possible. The only way to prevent a CPU’s power consumption from varying depending on workload would be to run the CPU in maximum power-consumption mode at all times. The only way to keep a system’s fans from varying would be to use static fan speeds for both CPU and GPU, dramatically increasing noise. The only way to prevent CPUs from varying their clocks would be to return to the old, pre-SpeedStep days when CPUs ran at one and only one frequency. Even if a company took these steps, there would undoubtedly be other means of exfiltrating information via variations in other subsystems.

 


These issues aren’t going to impact ordinary users, but they’re problems that administrators of serious air-gapped systems have to consider, and while not every theoretical exfiltration threat is going to be worth responding to, governments and certain corporations can’t afford to ignore the problem altogether.

About author

Matthew Griffin
