The smartphone records that sound, which is then decoded by the attackers to restore the data. The spyware broadcasts the data in the form of audio signals at a frequency so high that most humans’ ears can’t hear it. In the scenario used by the Korean researchers, the spy physically enters the room where the computer is, bringing with them a smartphone with basic sound recording software running. So, the spy program has collected the secrets, but now the attacker needs a way to get them out of there. Or, the computer could have been infected via a supply-chain attack even before it was delivered to the organization. Suppose a spy managed to get a flash drive into the secured room and plug it into the computer. However, finding out exactly how this occurred isn’t the subject of the researchers’ paper. The data is so highly classified that the computer is isolated from the internet, and possibly even the LAN, for enhanced security but the scenario implies that the computer still gets infected with spyware one way or another. In this case, it’s this one: let’s take a government or corporate computer that holds secret information. Besides, an attacker needs no specialized equipment to obtain the precious data: all it takes is bringing a smartphone close to the target computer.Īny research of this kind starts with a description of a hypothetical attack scenario.
Data exfiltration via the speaker mounted on the motherboard might appear unsophisticated in comparison with those two methods, but let’s not forget that the simpler the attack - the higher the odds of success. This story is about data being stolen by manipulating the radio signal from the CPU power supply. This one, for instance, is about wiretapping smartphones by using their built-in accelerometer. We’ve published several stories on data-theft methods. Motherboards still typically feature one for compatibility, and it turns out that such a speaker can be used for data exfiltration. This type of attack may serve as a last resort for a malicious actor when no other, simpler methods are feasible.ĭata exfiltration in this case uses the computer’s speaker: not some plug-in device, but a relic of the first personal computers - the internal speaker, also known as the “PC speaker”. Researchers at Korea University in Seoul have published a paper detailing a new method of data theft from a computer that has maximum protection that is - placed in an isolated room and surrounded with an air gap (i.e., connected to neither the internet nor a local network).
0 kommentar(er)
