When governments, utilities and corporations need to protect their most sensitive data, they create what’s called an air-gap network. It involves storing information on computers that are never connected to the Internet, an extreme method of isolation designed to prevent any chance of data leaking out.
Air-gap networks were once considered the “magic bullet” for securing data, but researchers from Ben-Gurion University in Israel have found a way to compromise those machines. Once a computer is infected with a particular kind of virus, hackers can trick the PC into relaying information that can be wirelessly retrieved from a mobile phone located outside of the room.
The technology won’t be used to steal something as innocuous as your Gmail password. This is some Mission Impossible stuff that a cyber-espionage gang or state-sponsored hacker might use to access extremely valuable secrets.
“The scenario is that you go to a secure facility and leave your cell phone at the entrance,” said Dudu Mimran, chief technology officer at Ben-Gurion’s cybersecurity labs. “The virus will send the data to your phone.”
Computerized medical equipment, military defense and critical infrastructure systems are usually isolated from the Internet. The university’s findings have ignited a discussion within cybersecurity circles about the effectiveness of air-gap networks. Since the lab published its findings, its web site and YouTube video got more than 100,000 views combined, according to the university. Not bad for university research on a highly technical topic.
The researchers are now working on ways to mitigate the effects of such a breach. They say they have yet to find a way to protect against the attack other than to store equipment in special metal enclosures or to build walls thick enough to scramble radio frequencies and block the transmission.
Even with paper-thin walls, the heist wouldn’t be simple to pull off. Before you can siphon data out, you’d need to somehow get the virus onto the computer. That would probably involve getting a person with physical access to the hardware to, knowingly or unknowingly, plug in an infected USB stick. The malware can reprogram the PC’s graphics card to transmit signals over the display cable that can be picked up by a nearby mobile device. The signals are sent over an FM radio frequency, which many modern phones are capable of receiving.