Nav: Home

Cameras can steal data from computer hard drive LED lights -- Ben-Gurion U. study

February 22, 2017

BEER-SHEVA, Israel...Feb. 22, 2017 - Researchers at the Ben-Gurion University of the Negev (BGU) Cyber Security Research Center have demonstrated that data can be stolen from an isolated "air-gapped" computer's hard drive reading the pulses of light on the LED drive using various types of cameras and light sensors.

In the new paper, the researchers demonstrated how data can be received by a Quadcopter drone flight, even outside a window with line-of-sight of the transmitting computer. Click here to watch a video of the demonstration.

Air-gapped computers are isolated -- separated both logically and physically from public networks -- ostensibly so that they cannot be hacked over the Internet or within company networks. These computers typically contain an organization's most sensitive and confidential information.

Led by Dr. Mordechai Guri, head of R&D at the Cyber Security Research Center, the research team utilized the hard-drive (HDD) activity LED lights that are found on most desktop PCs and laptops. The researchers found that once malware is on a computer, it can indirectly control the HDD LED, turning it on and off rapidly (thousands of flickers per second) -- a rate that exceeds the human visual perception capabilities. As a result, highly sensitive information can be encoded and leaked over the fast LED signals, which are received and recorded by remote cameras or light sensors.

"Our method compared to other LED exfiltration is unique, because it is also covert," Dr. Guri says. "The hard drive LED flickers frequently, and therefore the user won't be suspicious about changes in its activity."

Dr. Guri and the Cyber Security Research Center have conducted a number of studies to demonstrate how malware can infiltrate air-gapped computers and transmit data. Previously, they determined that computer speakers and fans, FM waves and heat are all methods that can be used to obtain data.
-end-
In addition to Dr. Guri, the other BGU researchers include Boris Zadov, who received his M.Sc. degree from the BGU Department of Electrical and Computer Engineering and Prof. Yuval Elovici, director of the BGU Cyber Security Research Center. Prof. Elovici is also a member of Ben-Gurion University's Department of Software and Information Systems Engineering and director of Deutsche Telekom Laboratories at BGU.

About American Associates, Ben-Gurion University of the Negev

American Associates, Ben-Gurion University of the Negev (AABGU) plays a vital role in sustaining David Ben-Gurion's vision: creating a world-class institution of education and research in the Israeli desert, nurturing the Negev community and sharing the University's expertise locally and around the globe. As Ben-Gurion University of the Negev (BGU) looks ahead to turning 50 in 2020, AABGU imagines a future that goes beyond the walls of academia. It is a future where BGU invents a new world and inspires a vision for a stronger Israel and its next generation of leaders. Together with supporters, AABGU will help the University foster excellence in teaching, research and outreach to the communities of the Negev for the next 50 years and beyond. Visit vision.aabgu.org to learn more.

AABGU, which is headquartered in Manhattan, has nine regional offices throughout the United States. For more information, visit http://www.aabgu.org

American Associates, Ben-Gurion University of the Negev

Related Malware Articles:

Browser tool aims to help researchers ID malicious websites, code
Researchers have developed an open-source tool that allows users to track and record the behavior of JavaScript programs without alerting the websites that run those programs.
Tech companies not doing enough to protect users from phishing scams
Just over 15 years after the first reported incident of phishing, new research from the University of Plymouth suggests tech companies could be doing more to protect users from the threat of scams.
New computer attack mimics user's keystroke characteristics and evades detection, according to Ben-Gurion University cyber researchers
'Our proposed detection modules are trusted and secured, based on information that can be measured from side-channel resources, in addition to data transmission,' Farhi says.
Illinois researchers add 'time-travel' feature to drives to fight ransomware attacks
One of the latest cyber threats involves hackers encrypting user files and then charging ''ransom'' to get them back.
Design flaws create security vulnerabilities for 'smart home' internet-of-things devices
NC State researchers find countermeasures for designers of security systems and other smart home devices.
New technique uses power anomalies to ID malware in embedded systems
Researchers have developed a technique for detecting types of malware that use a system's architecture to thwart traditional security measures.
How a personality trait puts you at risk for cybercrime
Impulse online shopping, downloading music and compulsive email use are all signs of a certain personality trait that make you a target for malware attacks.
Research finds bots and Russian trolls influenced vaccine discussion on Twitter
Social media bots and Russian trolls promoted discord and spread false information about vaccines on Twitter using tactics similar to those at work during the 2016 United States presidential election, according to new research led by the George Washington University.
New malicious email detection method that outperforms 60 antivirus engines -- Ben-Gurion
They compared their detection model to 60 industry-leading antivirus engines as well as previous research, and found their system outperformed the next best antivirus engine by 13 percent -- significantly better than such products including Kaspersky, MacAfee and Avast.
Can your cardiac device be hacked?
Medical devices, including cardiovascular implantable electronic devices could be at risk for hacking.
More Malware News and Malware Current Events

Top Science Podcasts

We have hand picked the top science podcasts of 2019.
Now Playing: TED Radio Hour

In & Out Of Love
We think of love as a mysterious, unknowable force. Something that happens to us. But what if we could control it? This hour, TED speakers on whether we can decide to fall in — and out of — love. Guests include writer Mandy Len Catron, biological anthropologist Helen Fisher, musician Dessa, One Love CEO Katie Hood, and psychologist Guy Winch.
Now Playing: Science for the People

#543 Give a Nerd a Gift
Yup, you guessed it... it's Science for the People's annual holiday episode that helps you figure out what sciency books and gifts to get that special nerd on your list. Or maybe you're looking to build up your reading list for the holiday break and a geeky Christmas sweater to wear to an upcoming party. Returning are pop-science power-readers John Dupuis and Joanne Manaster to dish on the best science books they read this past year. And Rachelle Saunders and Bethany Brookshire squee in delight over some truly delightful science-themed non-book objects for those whose bookshelves are already full. Since...
Now Playing: Radiolab

An Announcement from Radiolab