Researchers at Ben-Gurion University’s cybersecurity lab have come up with a way to use malware installed on a drone to steal data off of computers by watching the optical stream of the LED on the computers’ hard drives and sending it to a camera outside the window.
The drone that steals data was created to showcase how the researchers developed a method to get around a security protection dubbed an “air gap” in which sensitive computer systems are separated from the internet to keep the information protected from hackers. If a hacker can put malware on one of the systems, it can quickly steal the secrets off a machine that is supposed to be isolated and thus protected. According to a report highlighting the demonstration, every blink of a hard drive’s LED indicator can provide sensitive information to a hacker with a line of sight to the computer, whether it’s by using a drone or a telescopic lens.
“If an attacker has a foothold in your air-gapped system, the malware still can send the data out to the attacker,” said Ben-Gurion researcher Mordechai Guri said in the report. “We found that the small hard drive indicator LED can be controlled at up to 6,000 blinks per second. We can transmit data in a very fast way at a very long distance.”
According to the report, exploiting the LED on a computer’s hard drive has the potential to be a much sneakier and longer-distance hack than seen in the past. The researchers in their demonstration were able to move data at around 4,000 bits a second, which the report noted is close to a megabyte per half hour. The person receiving the data can then record it and use optical messages at a later time to decode all the information. What’s more, Guri said the malware can even replay the LED blinks in a loop so that every part of a transmission can be seen.