Hackers Can Steal Data from PCs That Aren’t Online
Hackers Can Steal Data from PCs That Aren’t Online
November 24, 2014
Bloomberg — When governments, utilities and corporations need to protect their most sensitive data, they create what’s called an air-gap network. It involves storing information on computers that are never connected to the Internet, an extreme method of isolation designed to prevent any chance of data leaking out.
Air-gap networks were once considered the “magic bullet” for securing data, but BGU researchers have found a way to compromise those machines.
Once a computer is infected with a particular kind of virus, hackers can trick the PC into relaying information that can be wirelessly retrieved from a mobile phone located outside of the room.
The technology won’t be used to steal something as innocuous as your Gmail password. This is some “Mission Impossible” stuff that a cyber-espionage gang or state-sponsored hacker might use to access extremely valuable secrets.
“The scenario is that you go to a secure facility and leave your cell phone at the entrance,” said Dudu Mimran, chief technology officer of BGU’s Cyber Security Labs. “The virus will send the data to your phone.”
The University’s findings have ignited a discussion within cyber security circles about the effectiveness of air-gap networks. Since the BGU’s Cyber Security Labs published its findings, its website and YouTube video got more than 100,000 views combined.
The researchers are now working on ways to mitigate the effects of such a breach. They say they have yet to find a way to protect against the attack other than to store equipment in special metal enclosures or to build walls thick enough to scramble radio frequencies and block the transmission.
Read more on the Bloomberg website >>
Stories Like This
