How researchers hacked a computer that wasn’t connected to the Internet

Researchers in Israel were able to steal data from a computer that was disconnected from the Internet and sitting by itself in another room. Here's why the hack and others like it matter for the safety of cars, power plants, and financial networks.

|
Kacper Pempel/Reuters/File
Researchers measured electromagnetic radiation in order to take data from a computer that was disconnected from the Internet.

Most modern hacking attacks follow a similar pattern: an attacker discovers a computer or Internet database that isn’t well-protected, and finds a way to gain access to information stored there. Maybe the attacker gains access by using stolen credentials, as was the case in 2014 when millions of credit card records were stolen from Target. Or maybe a device connected to the Internet, such as a baby monitor, sends out unencrypted communications or has an easy-to-guess default password.

To protect against these kinds of hacks, important computer networks such as military servers and power plant control systems are often isolated from the public Internet, and from other systems that are connected to the Internet.

This separation, known as an “air gap,” means that the network cannot be accessed by remote attackers. Data can only be removed from the secure network if someone with physical access to the server copies information onto a USB drive or other medium.

But even air-gapped networks can be infiltrated. In 2010, the Stuxnet worm targeted the software controlling nuclear centrifuges in Iran by infecting the USB drives used to access industrial networks. And this month, researchers at Tel Aviv University and Technion Research and Development in Israel reported that they were able to steal information off a computer that was sitting, disconnected from the Internet, in a different room from the attacker.

Even when a computer isn’t connected from the Internet, it still leaks electromagnetic radiation – radio waves – as it operates. The Tel Aviv researchers were able to measure those emanations using an antenna and an amplifier, and use the information to extract a cryptographic key from the target computer. The attack allowed the researchers “to extract the whole secret key by monitoring the target’s electromagnetic (EM) field for just a few seconds,” the team wrote in a recently published paper.

But this doesn’t mean that hackers can now simply pull data from devices that are turned off or otherwise disconnected from public networks. The air-gap attack performed by the researchers requires lab equipment that costs about $3,000, reports Motherboard, and the researchers still had to get within a few meters of the target computer. But the research shows that even if software vulnerabilities are patched, there may be other ways for attackers to gain access to a system.

This is important for government, military, and financial computer networks, portions of which are often air-gapped, to protect sensitive information from being reachable by, or even visible to, hackers. It also affects cars that can be unlocked by pressing a button on a key fob: those wireless communications are separate from the Internet, but criminals may still be able to capture them to gain access to the car.

To better protect air-gapped networks from attacks, policy makers may require limits on how much electromagnetic leakage is acceptable from a particular system. The National Security Agency’s TEMPEST specification, for example, outlines how much shielding must be placed in devices and even how far apart wires carrying classified data must be placed from wires carrying unclassified data. Other specifications limit variations in a computer’s power consumption and even the noise produced by typing, so as not to disclose any information about the system.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to How researchers hacked a computer that wasn’t connected to the Internet
Read this article in
https://www.csmonitor.com/Technology/2016/0216/How-researchers-hacked-a-computer-that-wasn-t-connected-to-the-Internet
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe