Air-gapped computers represent one of the strongest security measures one can take to protect a particular system. After all, the computer in question has no connection to any other network, online or offline, and in some cases is also physically isolated. How do you hack such a computer? It turns out we have some insights into that too.
Mordechai Guri from Ben Gurion University in Israel has found a new way for an attacker to extract data from such a computer.
First, a piece of malware needs to be installed on the device, for example through a malicious USB device. That malware then needs to install code that enables screen brightness modulation.
With this done, the attacker can alter the brightness of the LED screen by a very small amount and very quickly, making the changes invisible to the human eye. Elaborating, the researchers state in their paper,
“How it works even while the user is working on the computer. Malware on a compromised computer can obtain sensitive data (e.g., files, images, encryption keys, and passwords), and modulate it within the screen brightness, invisible to users.”
However, the data covertly transmitted through the screen needs to be collected in video form by the attacker. There are various ways to do this, with plausible options being one’s smartphone (range of 1.5m), surveillance cameras or even hidden cameras (range of 9m) placed specifically for this purpose.
Once collected, the information needs to be reconstructed, which can be done using image-processing techniques. Yet it is important to realize that this is just one of several ways that exist to hack air-gapped computers.
The very same researchers have also described other techniques in the past that involve attacks using sound, radio and noise signals to extract data. All of these, though, should be considered with the practicalities of the real world in mind.
Is it even possible to set up a surveillance camera around an air-gapped computer that would inherently be in a secure location? For some systems yes, for others no. Overall, it all boils down to the specifics.
Furthermore, all of these have countermeasures as well, ones that are not difficult to put in place. One such solution they mention is “a polarized film which covers the screen. The user gets a clear view while humans and cameras at a distance would view a darkened display.” Hence, all of these need to be kept in mind.