Data Stolen From Computer Using Monitor Brightness

The conventional wisdom of computer security holds that the most sensitive data should live exclusively in “air-gapped” systems without a network connection. Though no security protocol is completely foolproof.

We’ve seen a few methods of extracting data from air-gapped systems, and the latest is particularly insidious. Researchers at Ben Gurion University have discovered a way to leak data from a computer through changes in display brightness.

Similar to some past methods, the system requires some planning. It’s not a vulnerability in any software or hardware that someone can exploit to steal data, instead, an attacker will need access to the computer to install a piece of malware. They could also use social engineering to get someone who has legitimate access to an air-gapped system to load malware.

The exploit developed by the team takes the data from the secure system and encodes it as binary. To exfiltrate the data, you need a camera near the system that can see the screen. By making subtle changes in the monitor’s RGB color values, the malware sends the 1s and 0s visually.

The changes can also flip on and off as fast as the monitor refreshes. Someone sitting at the computer won’t notice anything amiss, but their actions could slowly trickle out on a video feed.

Watch the technique at work in the video below.

The variations in the “filtered” side are almost imperceptible, so no one has any hope of spotting them unaided. The complicated setup is a drawback of this attack, and you’re also not going to get a lot of data.

Under ideal conditions, the Ben Gurion University team was able to extract 5 bits per second from the air-gapped machine. That’s about 60 times slower than an old-fashioned Bell 300 baud dial-up modem from the 1970s. This is enough to grab text from the system, but that’s it.

While this particular technique isn’t something you need to worry much about, there are much easier ways to steal data from devices that connect to the internet.

This is why it’s so important to have a strong IT team with the knowledge to provide digital security services to protect you and your business. Custom Cabling offers everything you need to keep your business safe. From Managed IT and controlled access, to security systems. Don’t wait till you have a data breach before you act. Call us today.

Related articles

The Workplace Is Being Reborn with Modern Tech

The Workplace Is Being Reborn with Modern Tech

You’ve probably noticed that the modern workplace looks a lot ­different than it did just five years ago, and technology is both driving the change and enabling it. While there is a lot of talk about the future of work, I’d argue that the future has arrived, and any...

We Offer Comprehensive Services for Columbus Businesses

blue network cables

Network Cabling

We design, install, update and maintain voice & data networks.

Learn More →

Fiber Optics

Upgrade to fiber and accelerate your network to light speed.

Learn More →

VOIP System

Today’s VOIP delivers crystal clarity and call management.

Learn More →

WIFI Solutions

Add secure wireless network to your enterprise, SMB or coffee shop.

Learn More →

Security Systems

Protect your team and assets with surveillance,  recording, and alerts.

Learn More →

IT Services

Cloud Services, Managed ​IT Services and BITS rescue.​

Learn More →

error: Content is protected !!
Share This