Researchers from Israel uncovered a novel way of doing a cyber attack. This method involves tapping the vibrations from a cooling system fan of a computer. With this method, hackers can steal sensitive data from a highly secured computer.
Mordechai Guri, a cyber-security researcher from the Ben-Gurion University of the Negev said that data encoded by hackers into fan vibrations could be transmitted to a smartphone placed close to the targeted computer.
“We observe that computers vibrate at a frequency correlated to the rotation speed of their internal fans,” Guri said. Malware can control computer vibrations by manipulating internal fan speeds, he explained. “These inaudible vibrations affect the entire structure on which the computer is placed.“
These vibrations can be picked up by a smartphone resting on the same surface as the computer.
As some of you might know that accelerometer sensors in smartphones are unsecured, they “can be accessed by any app without requiring user permissions, which make this attack highly evasive,” he said.
Guri demonstrated the process, named AiR-ViBeR, with an air-gapped computer setup. An air-gapped computer system is a system wherein the devices are isolated from unsecured networks and the internet as a security measure.
The researchers said that there are three measures that would help secure a computer system against such an assault.
- Running the CPU continuously at maximum power consumption mode, which would prevent it from adjusting consumption.
- Set fan speeds for both CPU and GPU at a single and fixed rate.
- The third solution would be to restrict CPUs to be at single clock speed.
The Cybersecurity team at Ben-Gurion University specializes in these things which are called as side-channel attacks. Rather than searching for software or coding vulnerabilities, side-channel attacks deal with the manner in which a computer accesses hardware.
“This is the very essence of a side-channel attack,” said Guri. “The malware in question doesn’t exfiltrate data by cracking encryption standards or breaking through a network firewall instead, it encodes data in vibrations and transmits it to the accelerometer of a smartphone.“
AiR-ViBer relied on different vibrations sensed by an accelerometer which is capable of detecting motion with a resolution of 0.0023956299 meters per square second. There are other means of capturing data through side channels. They include electromagnetic, magnetic, acoustic, optical, and thermal channels.
More information: AiR-ViBeR: Exfiltrating Data from Air-Gapped Computers via Covert Surface ViBrAtIoNs, arXiv:2004.06195 [cs.CR] https://arxiv.org/abs/2004.06195v1
Air-Gap Research Page: https://cyber.bgu.ac.il/advanced-cyber/airgap
