Researchers Discover How To Hack Air-Gapped Computers Using Heat
Security researchers at Ben Gurion University have discovered a way to hack air-gapped computers — machines not connected to the Internet — with heat generated by computers themselves.
Air-gapped systems are commonly used in sensitive sectors, like government intelligence for example, to protect propriety, private or classified information from being accessed by web-based attacks. The only traditional means of hacking such computers are physical — intercepting the machines themselves or inserting connected devices such as USB flash drives.
The machines are commonly placed next to Internet-connected brethren to make it easy for users to transition between them, and therein lies the key to to the new method pioneered at Ben Gurion’s Cyber Security Labs, according to Wired. After installing malware on two machines sitting next to one another, researchers were able to increase and decrease the heat of the machines and use their temperature sensors to transmit messages back and forth to one another in binary.
An increase in temperature, brought on by increasing a computer’s processes, equals a “1,” and a return to the base temperature equals a “0.” By commandeering the internal sensors normally used to trigger cooling fans or shutdowns, researchers concluded it would be possible to make an infected air-gapped computer transmit information, like passwords or security keys, through simple, 8-bit transmissions every hour.
In the video below, the researchers used a computer to transmit a message to another representing an air-gapped system, which was connected to a toy missile launcher. The sending system told the air-gapped machine to reposition and fire the missile launcher.
The technique, which the researchers dubbed “BitWhisper,” could eventually reach out to systems further away using “thermal pings,” and be modified to reach computers through the increasing number of household or office devices connected to the Internet, such as heating or air conditioning systems.
BitWhisper is not the first technique used to successfully compromise air-gapped computers. Others have used acoustic signals picked up by a computer’s microphone to gain access, for example. However, such methods are only good for one-way communication, meaning they can manipulate systems to send data, but not receive commands.
Dudu Mimran, chief technology officer at the lab, said the researchers plan to present their findings during a conference in Tel Aviv next week and publish a paper later on.