It may sound unbelievable, but previous research has demonstrated out-of-band communication methods that attackers use to steal data from compromised air-gapped computers through various channels such as waves, light, sound, heat, electromagnetism, and even ultrasound.
(Shock) Computers Vulnerable to Hacking through a Surprising Element: The Power Cord
Air-gapped computers are isolated from the Internet and local networks and are considered the safest devices, since attackers find it challenging to infiltrate them or extract data from them.
Researchers state, 'It's part of targeted attacks; adversaries can breach air-gapped networks using social engineering, supply chain attacks, or malicious insiders. Notably, some APTs discovered in the past decade, like Turla, RedOctober, and Fanny, have demonstrated the ability to infect air-gapped networks.'
'While the practical security of air-gapped systems has been proven, the possibility of attackers stealing data from air-gapped computers using different techniques cannot be ruled out,' they add.
Known as PowerHammer, the latest technique uses specially designed malware to control the CPU workload of an air-gapped computer, creating fluctuations in the current flow in a Morse-code-like pattern to transmit data in binary form (i.e., 0 and 1).
To gather binary information, attackers need to implant hardware to monitor the current flowing through the power cord (to measure emitted electricity) and then decode the data.
Researchers also added, 'We discovered that malware running on a computer can adjust the energy consumption in the system by controlling the CPU workload. Binary data can be modulated based on changes in current, transmitted through the power lines, and intercepted by the attacker.' Currently, there is a variety of software to monitor CPU temperature for timely intervention, such as the excellent CPUID HWMonitor.
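A host-side check for the workload modulation the researchers describe, as an added example that is not from the original article or the PowerHammer research: it flags a CPU-utilization log that alternates between two distinct load levels on a fixed clock. The sampling source, the thresholds and all sample series are assumptions constructed for illustration.

```python
from statistics import mean

def runs(bits):
    """Lengths of consecutive equal values, e.g. [1, 1, 0, 0, 0] -> [2, 3]."""
    out, n = [], 1
    for a, b in zip(bits, bits[1:]):
        if a == b:
            n += 1
        else:
            out.append(n)
            n = 1
    out.append(n)
    return out

def looks_keyed(samples, min_gap=30.0, min_transitions=8, tolerance=0.15):
    """Flag a CPU-utilization series (percent, fixed sampling interval) that
    switches between two well-separated load levels on a fixed clock."""
    if len(samples) < 2:
        return False
    mid = (min(samples) + max(samples)) / 2
    bits = [s > mid for s in samples]
    high = [s for s, b in zip(samples, bits) if b]
    low = [s for s, b in zip(samples, bits) if not b]
    if not high or not low or mean(high) - mean(low) < min_gap:
        return False                       # no distinct busy/idle levels
    lengths = runs(bits)[1:-1]             # drop the partial first and last run
    unit = min(lengths, default=0)
    if len(lengths) < min_transitions or unit < 3:
        return False                       # too few switches or too coarse to judge
    # On a fixed symbol clock every run is close to a whole multiple of the unit.
    off_grid = [n for n in lengths if abs(n / unit - round(n / unit)) > tolerance]
    return len(off_grid) <= len(lengths) // 10

def expand(run_lengths, busy=92.0, idle=6.0):
    """Constructed input: alternate idle/busy runs of the given lengths."""
    out = []
    for i, n in enumerate(run_lengths):
        out += [(busy if i % 2 else idle) + (k % 3) for k in range(n)]
    return out

# Constructed sample series (not measurements from the research).
KEYED = expand([5, 4, 8, 4, 4, 12, 4, 8, 8, 4, 4, 4, 5])     # 4-sample clock
BURSTY = expand([6, 7, 3, 11, 5, 4, 9, 3, 13, 6, 10, 5, 2])  # ordinary job bursts
FLAT = [12.0 + (k % 5) for k in range(80)]                   # idle host
```

The sampling interval must be several times shorter than the symbol period being looked for, otherwise every run collapses to one or two samples and the check returns False.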
According to the researchers, attackers can extract data from a computer at a rate ranging from 10 to 1000 bits per second, depending on their approach.
If attackers can compromise the power lines inside the target building connected to the computer, the speed will be higher. These attacks are referred to as 'line-level powerhammering.'
The slower 'phase-level powerhammering' attack variant can be carried out from the electrical control board outside the building.
In both attack variants, the attacker measures and encodes the conducted emissions, then decodes the exfiltrated data.
In line-level PowerHammering attacks, researchers can extract data from computers running a 4-core Intel Haswell processor at a speed of 1000 bits per second and an Intel Xeon E5-2620 server at 100 bits per second, both with a 0% error rate.
Phase-level attacks exhibit lower performance. Due to background noise in phase-level attacks (as power is shared with connected devices like lighting fixtures), researchers can achieve a speed of 3 bits per second with a 0% error rate, though the error rate may increase to 4.2% at a speed of 10 bits per second.
According to researchers: 'The results indicate that in phase-level powerhammering attacks, computers can only be used to filter small amounts of data such as passwords, authentication codes, encryption keys, etc.'
While it may sound quite intricate, the revelation that computers can be easily hacked through the power cord is quite shocking. If your computer stores a significant amount of crucial data, it's essential to explore top-notch computer security methods such as installing the best antivirus software or investing in a standard data backup system.
