Friday, March 5, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Academics turn PC power units into speakers to leak secrets from air-gapped systems

May 5, 2020
in Internet Security
Academics turn PC power units into speakers to leak secrets from air-gapped systems
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Image: IgorShubin

Academics from an Israeli university have published new research last week showing how an attacker could turn a computer’s power supply unit into a rudimentary speaker that can secretly transmit data from an infected host using audio waves.

The technique, named POWER-SUPPLaY, is the work of Mordechai Guri, the head of R&D at the Ben-Gurion University of the Negev, in Israel.

You might also like

GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines

With its acquisition of Auth0, Okta goes all in on CIAM

Singapore Airlines frequent flyer members hit in third-party data security breach

Over the last half-decade, Guri has been pioneering research into new covert data exfiltration channels. The techniques Guri has been developing can be used for stealing data through unconventional means.

Guri has been developing these techniques specifically for extracting data from air-gapped systems — computers isolated on local networks with no internet access.

Such computers are often used on government or corporate networks to store sensitive data, such as classified files or intellectual property.

Air-gapped systems are protected by several layers of defenses, on top of the “air gap,” and you need novel data transmission techniques to go around these defenses.

For example, some air-gapped systems don’t have speakers, because it’s been proven in the past that speakers could be abused to leak information from a secure system using inaudible sound waves.

Meet POWER-SUPPLaY, a new data exfiltration technique

In a research paper shared with ZDNet yesterday, Guri said the POWER-SUPPLaY technique was developed for these types of situations, where speakers have been removed from air-gapped systems.

By using specially-crafted malware, the Israeli researcher says that a power supply unit (PSU) can be transformed into a very simple speaker capable of emitting the most basic of audio waves.

[Guri has only developed and studied the data exfiltration technique. Guri’s work does not focus on planting the malware on air-gapped systems or getting near to an air-gapped system to steal data. This is out of scope of his project.]

Guri says the trick behind the POWER-SUPPLaY technique is to manipulate power inside a PSU’s capacitors to trigger a “singing capacitor phenomenon.”

This phenomenon generates acoustic waves when current passes through a capacitor at various frequencies. By controlling the power frequencies, the POWER-SUPPLaY malicious code can also control the audio waves, and hence, hide data inside it.

singing-capacitor.png

Image: Mordecai Guri

“Our technique works with various types of systems: PC workstations and servers, as well as embedded systems and IoT devices that have no audio hardware.

“Binary data can be modulated and transmitted out via the acoustic signals. The acoustic signals can then be intercepted by a nearby receiver (e.g., a smartphone), which demodulates and decodes the data and sends it to the attacker via the Internet,” Guri added.

The main advantage of the POWER-SUPPLaY technique is that the malware doesn’t need any special privileges.

“The transmitting code can be initiated from an ordinary user-space process and is highly evasive,” Guri said.

POWER-SUPPLaY can broadcast data up to six meters away

The downside is that the attack is not extremely fast, can’t transmit data over big distances, and is subject to background noise that may impact the transmission’s quality, making exfiltration in some scenarios almost impossible.

Guri said that the distance at which POWER-SUPPLaY works usually depends on the PSU brand and the bitrate and frequency bands at which the stolen data is encoded and then transmitted via acoustic signals.

The Israeli academic said that experiments have shown that POWER-SUPPLaY exfiltration speeds can vary between 0-40 bits/sec at short distances of up to 1 meter or 0-10 bits/sec when the data needs to travel for more than 2 meters. The maximum transmission distance recorded in the experiment was 6 meters.

Guri said that the first method can be reliably be used to transmit binary data, keystrokes logs, text files, and so on, while the slower bit rates could be used to transfer a small amount of data, such as short texts, encryption keys, passwords, and keystrokes.

Basically, the closer an attacker can place a smartphone to record the sounds comming from the infected computer, the better the speed and lower the transmission error rates.

Additional details about the technique and possible countermeasures are available in a research paper titled “POWER-SUPPLaY: Leaking Data from Air-Gapped Systems by Turning the Power-Supplies Into Speakers.”

Guri’s team has previously also worked on other air-gapped data exfiltration techniques, such as:

  • LED-it-Go – exfiltrate data from air-gapped systems via an HDD’s activity LED
  • USBee – force a USB connector’s data bus give out electromagnetic emissions that can be used to exfiltrate data
  • AirHopper – use the local GPU card to emit electromagnetic signals to a nearby mobile phone, also used to steal data
  • Fansmitter – steal data from air-gapped PCs using sounds emanated by a computer’s GPU fan
  • DiskFiltration – use controlled read/write HDD operations to steal data via sound waves
  • BitWhisper – exfiltrate data from non-networked computers using heat emanations
  • Unnamed attack – uses flatbed scanners to relay commands to malware infested PCs or to exfiltrate data from compromised systems
  • GSMem – steal data from air-gapped systems using GSM cellular frequencies
  • xLED – use router or switch LEDs to exfiltrate data
  • aIR-Jumper – use a security camera’s infrared capabilities to steal data from air-gapped networks
  • HVACKer – use HVAC systems to control malware on air-gapped systems
  • MAGNETO & ODINI – steal data from Faraday cage-protected systems
  • MOSQUITO – steal data from PCs using attached speakers and headphones
  • PowerHammer – steal data from air-gapped systems using power lines
  • CTRL-ALT-LED – steal data from air-gapped systems using keyboard LEDs
  • BRIGHTNESS – steal data from air-gapped systems using screen brightness variations
  • AiR-ViBeR – steal data using a computer’s fan vibrations

Categorized based on the exfiltration channels, these look like:

power-supplay-categories.png

Image: Mordecai Guri

Credit: Zdnet

Previous Post

Hackers Breach LineageOS, Ghost, DigiCert Servers Using SaltStack Vulnerability

Next Post

How to Justify Your Content Marketing Budget During COVID-19

Related Posts

GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines
Internet Security

GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines

March 5, 2021
With its acquisition of Auth0, Okta goes all in on CIAM
Internet Security

With its acquisition of Auth0, Okta goes all in on CIAM

March 5, 2021
Singapore Airlines frequent flyer members hit in third-party data security breach
Internet Security

Singapore Airlines frequent flyer members hit in third-party data security breach

March 5, 2021
Ransomware as a service is the new big problem for business
Internet Security

Ransomware as a service is the new big problem for business

March 5, 2021
Microsoft: We’re cracking down on Excel macro malware
Internet Security

Microsoft: We’re cracking down on Excel macro malware

March 4, 2021
Next Post
How to Justify Your Content Marketing Budget During COVID-19

How to Justify Your Content Marketing Budget During COVID-19

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

How to Meet the Enterprise-Grade Challenge of Scaling AI 
Artificial Intelligence

How to Meet the Enterprise-Grade Challenge of Scaling AI 

March 5, 2021
Comprehensive Report on Machine Learning Market 2021 | Size, Growth, Demand, Opportunities & Forecast To 2027
Machine Learning

Comprehensive Report on Machine Learning Market 2021 | Size, Growth, Demand, Opportunities & Forecast To 2027

March 5, 2021
GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines
Internet Security

GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines

March 5, 2021
Convergence of AI, 5G and Augmented Reality Poses New Security Risks 
Artificial Intelligence

Convergence of AI, 5G and Augmented Reality Poses New Security Risks 

March 5, 2021
2021 Gartner Magic Quadrant for Data Science and Machine Learning Platforms
Machine Learning

2021 Gartner Magic Quadrant for Data Science and Machine Learning Platforms

March 5, 2021
With its acquisition of Auth0, Okta goes all in on CIAM
Internet Security

With its acquisition of Auth0, Okta goes all in on CIAM

March 5, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • How to Meet the Enterprise-Grade Challenge of Scaling AI  March 5, 2021
  • Comprehensive Report on Machine Learning Market 2021 | Size, Growth, Demand, Opportunities & Forecast To 2027 March 5, 2021
  • GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines March 5, 2021
  • Convergence of AI, 5G and Augmented Reality Poses New Security Risks  March 5, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates