It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Drone steals data from a PC's blinking LED

page: 1
6
<<   2 >>

log in

join
share:

posted on Mar, 4 2017 @ 08:01 PM
link   


Think you're safe from hackers offline? This drone steals data from a PC's blinking LED

Security researchers from Israel's Ben Gurion University have just demonstrated that if an attacker did manage to infect an air-gapped computer, they could steal data semi-remotely at their leisure by using a camera to capture signals from the LED lights of its hard-disk drive (HDD).

As Wired reports, the malware that the researchers devised can force an HDD LED to blink 6,000 times per second. If those lights are visible from a window, a camera-equipped drone or telescopic lens can capture the signals at a distance.
...
The researchers explain in a new paper that data can be leaked from HDD LEDs at a rate of 4kbps. That speed is incredibly slow by today's USB standards, but it's more than enough to steal encryption keys or text and binary files. According to the researchers, it's an impressive 10 times faster than previous optical covert channels for leaking data from air-gapped computers.
..
That speed is incredibly slow by today's USB standards, but it's more than enough to steal encryption keys or text and binary files

More details at Link

The research paper


Defeating an air gapped computer using the led for the hard disk. I suppose it was only a matter of time.

Make me wonder it if has been used before this proof of concept was released.

edit:

I think the mention of drone is that it's camera could also be used, just like many other camera platforms.
edit on 3/4/2017 by roadgravel because: (no reason given)




posted on Mar, 4 2017 @ 08:05 PM
link   
a reply to: roadgravel

It started with taping over the webcam on laptops

Eventually our entire pcs/laptops will be covered in tape lol



posted on Mar, 4 2017 @ 08:06 PM
link   
a reply to: roadgravel

All it takes is a 1/2" piece of electrical tape to solve this one.



posted on Mar, 4 2017 @ 08:06 PM
link   
a reply to: Discotech

Leave holes for the fan and soon it's noise will be used.



posted on Mar, 4 2017 @ 08:09 PM
link   
Time for a on/off switch for the HDD.



posted on Mar, 4 2017 @ 08:10 PM
link   
Or record heat pulses coming from the HDD with an IR camera.



posted on Mar, 4 2017 @ 08:16 PM
link   
a reply to: roadgravel

Does a solid state drive make noise?



posted on Mar, 4 2017 @ 08:21 PM
link   
a reply to: roadgravel


It could be defeated by closing the blinds.

Or you could throw a brick through said window and steal the whole computer.

Perhaps we could read the data from a hard drive from the wisps of smoke that rise after 'the researchers' bomb the premises to pieces?


edit on 4/3/2017 by chr0naut because: (no reason given)



posted on Mar, 4 2017 @ 08:25 PM
link   
I wouldn't think this would be a widely used tactic. Sounds more like something from a spy movie. I would imagine at some point some computer will be compromised using this technique. People are still falling prey to phishing, even government officials.



posted on Mar, 4 2017 @ 08:27 PM
link   

originally posted by: seasonal
a reply to: roadgravel

Does a solid state drive make noise?


In theory no, as far I as know. Some have reported noise but it seems to be due to circuit component(s). I don't know if it could be used aa a side channel attack for the data being written.



posted on Mar, 4 2017 @ 08:27 PM
link   
And my girlfriend said I was a fool for buying all those BB guns and the air rifle.



posted on Mar, 4 2017 @ 08:34 PM
link   
The key to this working, is somehow getting the software onto the hard-drive of an air gapped computer. Someone who uses an air gapped computer is either just a paranoid and who cares what is on it, or is some government agency where you would have to get the software in there Mission: Impossible style.



posted on Mar, 4 2017 @ 08:43 PM
link   
a reply to: CalibratedZeus

True, especially after stuxnet and Iran. System updates or the need to possibly bring in new data might be a path. There is the tried and true method of using a compromised person who has access.



posted on Mar, 4 2017 @ 09:02 PM
link   
There is no way you can retrieve data from the led of a hdd.

come on.... it's not an indication of data, it's an indication of activity. an led would need to blink a hell of a lot to replicate the actual data written or read.

but I can tell what you're doing by blinking... I know it. stop staring at me... Oo



posted on Mar, 4 2017 @ 09:05 PM
link   

originally posted by: CalibratedZeus
The key to this working, is somehow getting the software onto the hard-drive of an air gapped computer. Someone who uses an air gapped computer is either just a paranoid and who cares what is on it, or is some government agency where you would have to get the software in there Mission: Impossible style.


Key words. get access to.

then you have a trillion other ways of sneaking data off, the least efficient would be a blinking led. next to using the pc speaker at ultra high frequency to emit inaudible sounds that your secret snooper microphone hidden in the giraffe statue you have on the mantle piece would detect.



posted on Mar, 4 2017 @ 09:08 PM
link   


Leds... so old...



posted on Mar, 4 2017 @ 09:15 PM
link   
a reply to: savemebarry

The idea is controlling the disk access to use the led as a signalling device.



posted on Mar, 4 2017 @ 09:18 PM
link   
a reply to: roadgravel

Amazing how much effort and time we put into discovering ways of stealing stuff.

Pretty impressive though.



posted on Mar, 4 2017 @ 10:56 PM
link   
I'm no techie, but it seems to me that if they could control the computer enough to make its lights blink out morse code, or binary, or whatever, to tell someone information on the computer, then they should be able to just have the computer communicate with the controller in a more reasonable fashion, say by operating it's wifi or bluetooth. No?



posted on Mar, 5 2017 @ 12:03 AM
link   

originally posted by: roadgravel
a reply to: savemebarry

The idea is controlling the disk access to use the led as a signalling device.


It doesnt have that capacity.

unless you specifically build a device and already had physical access to the data - rendering the entire thing moot - you just wont get an led to do that.

not by software.







 
6
<<   2 >>

log in

join