“Our experiment shows that sensitive data can be successfully leaked from air-gapped computers via the HDD LED at a maximum bit rate of 4000 bit/s (bits per second), depending on the type of receiver and its distance from the transmitter,” the report said. This makes the attack covert in that it likely wouldn’t be noticed by the user if it occurred.
And, even if it was, the normal operation of the LED is to blink frequently.
How to secure your email via encryption, password management and more (TechRepublic Premium)Īccording to the research report, the LED can be forced to blink at up to 5800 blinks per second, which is a rate that isn’t able to be perceived by the human eye. In security, there is no average behavior
Must-read security coverageĨ5% of Android users are concerned about privacyĪlmost 2,000 data breaches reported for the first half of 2022 Once it is in the line of sight of the LED, it records the blinks and steals the data. In a YouTube video put together by the researchers, a drone with a camera is flown up multiple stories outside of an office building until it locates the blinking HDD LED. SEE: Report: Data breaches growing more complex, causing more damage However, that doesn’t mean that it is impossible to exfiltrate the computer’s data, as shown in this demonstration. What’s worse is that the sensitive data was leaked from an air-gapped computer, the research report said.Īs noted by ZDNet’s Liam Tung, an air-gapped machine is one that is physically isolated from unsecure networks and, in theory, is harder to hack.
Security researchers from Ben Gurion University in Israel recently demonstrated an attack in which they infected a target machine with malware that was able to control the LED, and cause it to blink in a pattern which transmitted encoded data from the machine. You know that blinking light on your hard-disk drive (HDD) that tends to flicker non-stop? Well, it could be used to steal data from your computer, without you even knowing it was happening.