Cybersecurity, air gaps, Faraday rooms, hacking | Homeland Security Newswire

CybersecurityFaraday rooms, air gaps can be compromised, and leak highly sensitive data

Published 8 February 2018

Faraday rooms or “cages” designed to prevent electromagnetic signals from escaping can nevertheless be compromised and leak highly sensitive data, according to new studies. Air-gapped computers used for an organization’s most highly sensitive data might also be secluded in a hermetically-sealed Faraday room or enclosure, which prevents electromagnetic signals from leaking out and being picked up remotely by eavesdropping adversaries. Researchers from Ben-Gurion University showed for the first time that a Faraday room and an air-gapped computer that is disconnected from the internet will not deter sophisticated cyber attackers.

Faraday rooms or “cages” designed to prevent electromagnetic signals from escaping can nevertheless be compromised and leak highly sensitive data, according to new studies by Ben-Gurion University of the Negev’s Cyber@BGU.

Research led by Dr. Mordechai Guri, the head of research and development of Cyber@BGU showed for the first time that a Faraday room and an air-gapped computer that is disconnected from the internet will not deter sophisticated cyber attackers.

Air-gapped computers used for an organization’s most highly sensitive data might also be secluded in a hermetically-sealed Faraday room or enclosure, which prevents electromagnetic signals from leaking out and being picked up remotely by eavesdropping adversaries.

In two newly released reports, the team demonstrated how attackers can bypass Faraday enclosures and air gaps to leak data from the most highly secured computers. The Odini method, named after the escape artist Harry Houdini, exploits the magnetic field generated by a computer’s central processing unit (CPU) to circumvent even the most securely equipped room. Click here to watch the demonstration.

“While Faraday rooms may successfully block electromagnetic signals that emanate from computers, low frequency magnetic radiation disseminates through the air, penetrating metal shields within the rooms,” explains Dr. Guri. “That’s why a compass still works inside of a Faraday room. Attackers can use this covert magnetic channel to intercept sensitive data from virtually any desktop PCs, servers, laptops, embedded systems, and other devices.”

In another documented cyberattack dubbed Magneto, researchers utilized malware keystrokes and passwords on an air-gapped computer to transfer data to a nearby smartphone via its magnetic sensor. Attackers can intercept this leaked data even when a smartphone is sealed in a Faraday bag or set on “airplane mode” to prevent incoming and outgoing communications. Click here to watch the demonstration.