New attack method can steal offline PC data through walls

government computers
(Image credit: shutterstock)

A new method of stealing data from offline machines has been developed utilizing the electromagnetic waves given off by their power supplies.

So-called “air-gapped” PCs - those isolated from the public internet - could have their data stolen at distances of over six feet, and even through walls, by someone with a smartphone or laptop equipped with a special receiver, experts have warned.  

The method was developed by Mordechai Guri, a researcher at Ben-Gurion University in Beersheba, Israel, who called it COVID-bit, perhaps in reference to common social distancing rules preventing people from being in close proximity to one another. 

Bridging the (air) gap

Air-gapped systems are most commonly deployed in institutions where highly sensitive data and tasks are handled, such as those related to energy, government and military weaponry, making this new method a worrying prospect.

Firstly, the targeted system must have certain malware pre-installed on it, which can only be done via physical access to the machine. This malware controls the CPU load and frequencies of its cores in order for the power supply to produce electromagnetic waves between 0-48kHz.

Guri explained that the switching components inside these systems create a square wave of electromagnetic radiation at specific frequencies, as they switch on and off during AC/DC conversion. 

This wave can carry raw data, which can be decoded by those away from the machine with an antenna that can be easily connected to a mobile device’s 3.5mm audio jack. A program on the device can then decode the raw data by applying a noise filter.

power cord and supply of desktop

(Image credit: Shutterstock)

Guri tested his method on desktops, a laptop and a Raspberry Pi 3, and found laptops were the trickiest to hack, since their energy saving credentials meant that they didn’t output a strong enough electromagnetic signal. 

The desktops, on the other hand, could transmit 500 bits per second (bps) with an error rate between 0.01% and 0.8%, and 1000bps with an error rate of up to 1.78%, which is still accurate enough for effective data harvesting. 

At this speed, a 10KB file could be transmitted in under 90 seconds, and raw data pertaining to an hour’s worth of activity on the target machine could be sent in just 20 seconds. Such keylogging could also be transmitted live in real time. 

When it came to the Pi 3, its weak power supply meant that receiver distances were limited for successful data transmission.

ben-gurion university

(Image credit: Opachevsky Irina / Shutterstock.com)

Guri recommends that air-gapped systems stay safe by monitoring CPU loads and frequencies for any suspicious or unusual activity. However, this can lead to many false positives as such parameters can vary widely during normal usage scenarios.

In addition, such monitoring adds to the processing cost, meaning the potential for reduced performance and increased energy usage.

An alternative solution is to lock the CPU to certain core frequencies, to prevent data from being decoded by their associated electromagnetic radiation. The disadvantage here, though, is that, as aforementioned, natural fluctuations of core frequencies are to be expected, so locking them will result in reduced performance at certain times and overuse at others.

TOPICS
Lewis Maddison
Reviews Writer

Lewis Maddison is a Reviews Writer for TechRadar. He previously worked as a Staff Writer for our business section, TechRadar Pro, where he had experience with productivity-enhancing hardware, ranging from keyboards to standing desks. His area of expertise lies in computer peripherals and audio hardware, having spent over a decade exploring the murky depths of both PC building and music production. He also revels in picking up on the finest details and niggles that ultimately make a big difference to the user experience.

Read more
A digital representation of a lock
Security experts are being targeted with fake malware discoveries
China
Chinese hackers develop effective new hacking technique to go after business networks
Bluetooth
Top Bluetooth chip security flaw could put a billion devices at risk worldwide
An American flag flying outside the US Capitol building against a blue sky
US military and defense contractors hit with Infostealer malware
Trojan
Hackers hide malware into website images to go unnoticed
Concept art representing cybersecurity principles
How to combat exfiltration-based extortion attacks
Latest in Security
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Representational image depecting cybersecurity protection
Cisco smart licensing system sees critical security flaws exploited
Latest in News
Ray-Ban Meta Smart Glasses
Samsung's rumored smart specs may be launching before the end of 2025
Apple iPhone 16 Review
The latest iPhone 18 leak hints at a major chipset upgrade for all four models
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 24 (game #1155)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 24 (game #386)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 24 (game #652)
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 23 (game #1154)