The conventional wisdom of computer security holds that the most sensitive data should live exclusively in “air-gapped” systems without a network connection. Though no security protocol is completely foolproof.
We’ve seen a few methods of extracting data from air-gapped systems, and the latest is particularly insidious. Researchers at Ben Gurion University have discovered a way to leak data from a computer through changes in display brightness.
Similar to some past methods, the system requires some planning. It’s not a vulnerability in any software or hardware that someone can exploit to steal data, instead, an attacker will need access to the computer to install a piece of malware. They could also use social engineering to get someone who has legitimate access to an air-gapped system to load malware.
The exploit developed by the team takes the data from the secure system and encodes it as binary. To exfiltrate the data, you need a camera near the system that can see the screen. By making subtle changes in the monitor’s RGB color values, the malware sends the 1s and 0s visually.
The changes can also flip on and off as fast as the monitor refreshes. Someone sitting at the computer won’t notice anything amiss, but their actions could slowly trickle out on a video feed.
Watch the technique at work in the video below.
The variations in the “filtered” side are almost imperceptible, so no one has any hope of spotting them unaided. The complicated setup is a drawback of this attack, and you’re also not going to get a lot of data.
Under ideal conditions, the Ben Gurion University team was able to extract 5 bits per second from the air-gapped machine. That’s about 60 times slower than an old-fashioned Bell 300 baud dial-up modem from the 1970s. This is enough to grab text from the system, but that’s it.
While this particular technique isn’t something you need to worry much about, there are much easier ways to steal data from devices that connect to the internet.
This is why it’s so important to have a strong IT team with the knowledge to provide digital security services to protect you and your business. Custom Cabling offers everything you need to keep your business safe. From Managed IT and controlled access, to security systems. Don’t wait till you have a data breach before you act. Call us today.
