Home / News & Videos / News / Homeland & Cyber Security /

A Computer’s Blinking Light Could Transmit Data

A Computer’s Blinking Light Could Transmit Data

February 22, 2017

Homeland & Cyber Security

Wired — A desktop computer’s tiny blinking LED light would hardly arouse the suspicions of anyone working in an office after hours. However, that LED could be silently winking out an optical stream of the computer’s secrets to a data-stealing drone.

BGU researchers built just such a drone, and demonstrated how it could be used as a very real espionage technique. If an attacker can plant malware on a system – for example, by paying an insider to infect it via USB or SD card – every blink of its hard drive LED can spill sensitive information to a spy with a line of sight on the compromised machine.

mordechai-guri

Dr. Mordechai Guri

“If an attacker has a foothold in your air-gapped system, the malware still can send the data out to the attacker,” says Dr. Mordechai Guri, head of research and development at BGU’s Cyber Security Research Center (CSRC).

“We found that the small hard drive indicator LED can be controlled at up to 6,000 blinks per second. We can transmit data in a very fast way at a very long distance.”

An air gap, or a complete disconnection from the internet, has been proven to not be the impenetrable defense it was once thought to be. BGU researchers alone have discovered ways to bypass the security measure using just a computer’s fan, noise from its hard drive and heat output, to name a few.

Exploiting the computer’s hard drive indicator LED has the potential to be an even stealthier, higher-bandwidth and longer-distance form of air-gap-hopping communications. By transmitting data from a computer’s hard drive LED with Morse code-like patterns of on and off signals, the researchers found they could move data as fast as 4,000 bits per second, or close to a megabyte every half hour.

“The LED is always blinking as it is searching and indexing, so no one suspects anything, even in the night,” says Guri.

“It’s possible for the attacker to cause such fast blinking that a human never sees it,” adds Guri.

The good news is that the BGU researchers point to clear countermeasures to block hard drive LED exfiltration. They suggest keeping air-gapped machines in secure rooms away from windows or placing film over a building’s glass designed to mask light flashes.

But the simplest countermeasure by far is simply to cover the computer’s LED itself. Soon, a piece of tape obscuring a computer’s hard drive LED may be a hallmark of someone who anticipates a spy drone at every window.

Read more on the Wired website >>