Researchers Steal Data from Offline Computer in a Faraday Cage
08.02.2018, 15:51|Asaf Shalev
A new technique that beats information security measures like air gaps and metal-lined Faraday cages was demonstrated by Israeli cyber researchers, who named their project Odini after the escape artist Harry Houdini.
Countries and companies protect their most sensitive information in computers that are sealed off from any networks. To add an extra layer of protection, these air-gapped computers are often placed in metal-lined Faraday rooms that block the passage of electromagnetic signals.
On Wednesday, scientists based at Ben Gurion University of the Negev in Israel published research demonstrating a new method of extracting data from these secure environments. The team showed how a computer’s processor can produce magnetic radiation that carries data through the air and across metal barriers.
Enough data can trickle out this way for someone standing nearby to pick up a string of keystrokes such as a password in a matter of minutes.
The team named their discovery the Odini method, a reference to the escape artist Harry Houdini.
“While Faraday rooms may successfully block electromagnetic signals which emanate from computers, low-frequency magnetic radiation disseminates through the air, penetrating metal shields within the rooms,” Mordechai Guri, who heads the university's cyber research team, said in a statement. “That’s why a compass still works inside of a Faraday room. Attackers can use this covert magnetic channel to intercept sensitive data from virtually any desktop PCs, servers, laptops, embedded systems and other devices.”
Many information security researchers focus on finding ways to penetrate networks. Mr. Guri has built a career on finding ways to get air-gapped computers to send out information using overlooked signals.
His team previously showed how a computer’s lights, for example, can send out information in Morse code. Computer parts also emit sound and heat, which can be taken advantage of in similar ways.
All of these methods require infecting the air-gapped computer with malware. The foreign code, which can be introduced via USB stick, is what tells computer parts to blink or spin in data-containing patterns.