New Tool for Attackers, Heat

Security researchers at Ben Gurion University in Israel found a way to obtain data from an air-gapped computer system using heat emissions and a computer’s built in thermal sensors. An air-gapped system is isolated from the internet and is not connected to other systems that may be connected to the Internet. These systems are used when high security is needed due to the difficulty of siphoning data. Some organizations that use air-gappped systems include military as well as payment networks that process credit card information.

This method of using heat allows hackers to siphon passwords or security keys from a protected system to a system that is connected to the internet which is in close proximity to the protected system. The connected system could also send malicious commands to the protected system shown in the video below.

In order for this to work you need to have an Internet connected computer at max 15 inches away from the air-gapped system. The attack currently allows only 8 bits of data to be transmitted in a span of an hour. Which means large amounts of data can’t be stolen.

http://www.wired.com/2015/03/stealing-data-computers-using-heat/

 

Zane Grasso

Advertisements