In the current cyber era, attackers have shown that they can breach many organizations assumed to be secured. They use advanced social engineering techniques and exploit 0-day weakness in order to infiltrate the target network, while evade defense methods such as intrusion detection and protection systems (IDS/IPS), firewalls, antivirus programs, and similar.
Scientists at Ben Gurion University have shown a new method for taking data from a computer that is not connected. Efficient medium to interact is the light emitting diode (LED) for the hard disc, which can flash up to 5800 times per second. Couple this with typical camera systems, we can transfer data at a rate of 4 kb/s, which does not seem much, but good enough that in a few seconds, the hackers could transmit the encryption key.
Compared with other visual methods that use the computer's screen or computer keyboard light to confidentially transmit data, the hard-drive LED sign, which blinks anytime a program gain access to the hard drive, consistently flashes even when a computer is sleeping.
Any malware that simply gets the ability of a normal user, instead of deeper administrative privileges, can manipulate it. The team of researches used a Linux workstation for their testing, but the effects should be the same on a Windows device.
Choosing LED has many advantages over other techniques. Most of all, it is very evident, as the lights anyway blink all the time, even computer does 'n do anything. Furthermore, it could be turned on and off quickly, the human eye this do not see. For really, this is one of the most far-reaching methods of communication.
This approach does not require any special hardware. It coordinates with any computer that has an HDD activity LED. This component is found on most desktop PCs, laptops, and servers today.
Data may look outside the box, just as long as we have LED light visible. You can leave modern drones in front of the window room with a computer and steal the information.
"The LED is always flashing as it's doing seeking and indexing, so nobody suspects, even in the night," says Mordechai Guri, lead scientist. "It's very stealthy, actually."
The analysts found that when their program read below 4 kilobytes from the computer's storage space each time, they could trigger the hard drive's LED indicator to blink for below a fifth of a millisecond. They then tried out using those rapid fire blinks to send messages to a range of cameras and light indicators from an "infected" computer using a binary system of data coding.
They found that a regular smartphone camera can maximum get around 60 bits per second because of its lower frame rate, while a GoPro camera grabbed as much as 120 bits per second. A Siemens photodiode sensor was far better suited to their high-frequency light sensing needs, though, and allowed them to hit their 4,000 bits per second max transmission.
The good news, however, for any person security-sensitive enough to worry about the researchers' work and the easiest countermeasure is, simply, to cover the computer's LED light bulbs.
Once, a piece of tape over a laptop's webcam was a sign of paranoia, today, this option may be the most effective way to protect yourself.