Malware Escapes from Faraday Cages and Air-Gapped Computers
Faraday rooms or “cages” designed to prevent electromagnetic signals from escaping can nevertheless be compromised and leak highly sensitive data, according to new studies by BGU’s Cyber@BGU.
Research led by Dr. Mordechai Guri (pictured right), the head of research and development of Cyber@BGU showed for the first time that a Faraday room and an air-gapped computer that is disconnected from the internet will not deter sophisticated cyber attackers.
Air-gapped computers used for an organization’s most highly sensitive data might also be secluded in a hermetically-sealed Faraday room or enclosure, which prevents electromagnetic signals from leaking out and being picked up remotely by eavesdropping adversaries.
In two newly-released reports, the team demonstrated how attackers can bypass Faraday enclosures and air gaps to leak data from the most highly secured computers. The Odini method, named after the escape artist Harry Houdini, exploits the magnetic field generated by a computer’s central processing unit (CPU), to circumvent even the most securely- equipped room.
“While Faraday rooms may successfully block electromagnetic signals which emanate from computers, low-frequency magnetic radiation disseminates through the air, penetrating metal shields within the rooms,” explains Dr. Guri. “That’s why a compass still works inside of a Faraday room. Attackers can use this covert magnetic channel to intercept sensitive data from virtually any desktop PCs, servers, laptops, embedded systems and other devices.”
In another documented cyberattack, researchers utilized malware keystrokes and passwords on an air-gapped computer to transfer data to a nearby smartphone via its magnetic sensor. Attackers can intercept this leaked data even when a smartphone is sealed in a Faraday bag or set on “airplane mode” to prevent incoming and outgoing communications. Click here to watch the demonstration.
Dr. Guri’s research team includes BGU Department of Electrical and Computer Engineering Ph.D. student Boris Zadov, Andrei Daydakulov, and Prof. Yuval Elovici, who is director of the Cyber@BGU, director of Deutsche Telekom Innovation Labs@BGU and a member of the BGU Department of Software and Information Systems Engineering.
Above: A smartphone in a Faraday bag.