Nav: Home

Cameras can steal data from computer hard drive LED lights -- Ben-Gurion U. study

February 22, 2017

BEER-SHEVA, Israel...Feb. 22, 2017 - Researchers at the Ben-Gurion University of the Negev (BGU) Cyber Security Research Center have demonstrated that data can be stolen from an isolated "air-gapped" computer's hard drive reading the pulses of light on the LED drive using various types of cameras and light sensors.

In the new paper, the researchers demonstrated how data can be received by a Quadcopter drone flight, even outside a window with line-of-sight of the transmitting computer. Click here to watch a video of the demonstration.

Air-gapped computers are isolated -- separated both logically and physically from public networks -- ostensibly so that they cannot be hacked over the Internet or within company networks. These computers typically contain an organization's most sensitive and confidential information.

Led by Dr. Mordechai Guri, head of R&D at the Cyber Security Research Center, the research team utilized the hard-drive (HDD) activity LED lights that are found on most desktop PCs and laptops. The researchers found that once malware is on a computer, it can indirectly control the HDD LED, turning it on and off rapidly (thousands of flickers per second) -- a rate that exceeds the human visual perception capabilities. As a result, highly sensitive information can be encoded and leaked over the fast LED signals, which are received and recorded by remote cameras or light sensors.

"Our method compared to other LED exfiltration is unique, because it is also covert," Dr. Guri says. "The hard drive LED flickers frequently, and therefore the user won't be suspicious about changes in its activity."

Dr. Guri and the Cyber Security Research Center have conducted a number of studies to demonstrate how malware can infiltrate air-gapped computers and transmit data. Previously, they determined that computer speakers and fans, FM waves and heat are all methods that can be used to obtain data.
-end-
In addition to Dr. Guri, the other BGU researchers include Boris Zadov, who received his M.Sc. degree from the BGU Department of Electrical and Computer Engineering and Prof. Yuval Elovici, director of the BGU Cyber Security Research Center. Prof. Elovici is also a member of Ben-Gurion University's Department of Software and Information Systems Engineering and director of Deutsche Telekom Laboratories at BGU.

About American Associates, Ben-Gurion University of the Negev

American Associates, Ben-Gurion University of the Negev (AABGU) plays a vital role in sustaining David Ben-Gurion's vision: creating a world-class institution of education and research in the Israeli desert, nurturing the Negev community and sharing the University's expertise locally and around the globe. As Ben-Gurion University of the Negev (BGU) looks ahead to turning 50 in 2020, AABGU imagines a future that goes beyond the walls of academia. It is a future where BGU invents a new world and inspires a vision for a stronger Israel and its next generation of leaders. Together with supporters, AABGU will help the University foster excellence in teaching, research and outreach to the communities of the Negev for the next 50 years and beyond. Visit vision.aabgu.org to learn more.

AABGU, which is headquartered in Manhattan, has nine regional offices throughout the United States. For more information, visit http://www.aabgu.org

American Associates, Ben-Gurion University of the Negev

Related Malware Articles:

Network traffic provides early indication of malware infection
By analyzing network traffic going to suspicious domains, security administrators could detect malware infections weeks or even months before they're able to capture a sample of the invading malware, a new study suggests.
Combination of features produces new Android vulnerability
A new vulnerability affecting Android mobile devices results not from a traditional bug, but from the malicious combination of two legitimate permissions that power desirable and commonly used features in popular apps.
Weaponizing the internet for terrorism
Writing in the International Journal of Collaborative Intelligence, researchers from Nigeria suggest that botnets and cyber attacks could interfere with infrastructure, healthcare, transportation, and power supply to as devastating an effect as the detonation of explosives of the firing of guns.
Android apps can conspire to mine information from your smartphone
'What this study shows undeniably with real-world evidence over and over again is that app behavior, whether it is intentional or not, can pose a security breach depending on the kinds of apps you have on your phone,' said researcher Gang Wang.
Desktop scanners can be hijacked to perpetrate cyberattacks
The researchers conducted several demonstrations to transmit a message into computers connected to a flatbed scanner.
New technique completely protects internet video from cyberattacks -- Ben-Gurion University study
To counter this emerging threat, Professor Hadar developed a series of algorithms that can completely prevent attackers from being able to infiltrate and extract information through videos or pictures.
Staying a heartbeat ahead of hackers
Nearly a million new forms of malware are unleashed on the world every day.
Cameras can steal data from computer hard drive LED lights -- Ben-Gurion U. study
The research team utilized the hard-drive (HDD) activity LED lights that are found on most desktop PCs and laptops.
NTU and FireEye join forces to grow the ranks of Singapore's cyber security experts
Nanyang Technological University, Singapore (NTU Singapore) and leading cyber security company FireEye are inking a partnership to explore new areas in cyber security research, and to develop courses to meet the rising demand for cyber security professionals needed to help defend critical networks.
Bring your own (security) disaster
Bring your own device (BYOD) to work is common practice these days.

Related Malware Reading:

Best Science Podcasts 2019

We have hand picked the best science podcasts for 2019. Sit back and enjoy new science podcasts updated daily from your favorite science news services and scientists.
Now Playing: TED Radio Hour

Jumpstarting Creativity
Our greatest breakthroughs and triumphs have one thing in common: creativity. But how do you ignite it? And how do you rekindle it? This hour, TED speakers explore ideas on jumpstarting creativity. Guests include economist Tim Harford, producer Helen Marriage, artificial intelligence researcher Steve Engels, and behavioral scientist Marily Oppezzo.
Now Playing: Science for the People

#524 The Human Network
What does a network of humans look like and how does it work? How does information spread? How do decisions and opinions spread? What gets distorted as it moves through the network and why? This week we dig into the ins and outs of human networks with Matthew Jackson, Professor of Economics at Stanford University and author of the book "The Human Network: How Your Social Position Determines Your Power, Beliefs, and Behaviours".