It turns out that it is possible to steal confidential data from a PC using 'cooling fan vibrations'


By

Glenn Batuyong

Israeli security researchers have reported that even computers that have never been connected to the Internet and are in an ' air-gapped ' state, meaning they are completely isolated from the network, can be subject to data theft via the vibrations of their cooling fans .

[2004.06195v1] AiR-ViBeR: Exfiltrating Data from Air-Gapped Computers via Covert Surface ViBrAtIoNs
https://arxiv.org/abs/2004.06195v1


Cyberattack can steal data via cooling fan vibrations
https://techxplore.com/news/2020-04-cyberattack-cooling-fan-vibrations.html


Research has been conducted on methods to connect to an air-gapped computer from the outside, and methods have been reported that enable communication or steal data from the heat, ultrasound , or current of the computer.

A method to steal data by communicating with computer 'heat' - GIGAZINE



Mordecai Guri, a security researcher at Ben-Gurion University of the Negev, has newly discovered that 'it is possible to communicate with a nearby smartphone using the vibrations of a computer's cooling fan. ' 'We found that computers vibrate at a frequency that correlates with the rotation speed of their internal fans,' Guri said, explaining that the vibrations of the computer can be controlled by manipulating the speed of the internal fan.

As a specific method, Mr. Guri proposes a system called ' AiR-ViBeR ,' which uses malware to control the vibrations of a computer's cooling fan and analyzes the vibrations using a smartphone app that reads data from an acceleration sensor.



The following movie shows how a smartphone is actually used to steal data from an air-gapped PC.

AiR ViBeR: Exfiltrating Data from Air-Gapped Computers via Covert Surface ViBrAtIoNs - YouTube


An air-gapped PC that is not connected to a local network, the Internet, or Wi-Fi.



The confidential files in that PC are...



The leak was made possible by a smartphone placed on the same table that read the vibrations of the cooling fan. According to Guri, malware embedded in the computer encodes sensitive data into the vibrations of the cooling fan. The smartphone's accelerometer can detect motion with a resolution of about 0.0024 m/ s2 .



In laboratories, military facilities, nuclear power plants, and other places, computers are often air-gapped to prevent sensitive files from leaking, but with the help of an insider, AiR-ViBeR can sneak data out of the computer without anyone noticing, as long as the insider can install malware on the computer.

'It is possible to counter AiR-ViBeR by running the CPU at full power in maximum power consumption mode, by fixing the CPU and GPU cooling fan speeds to a constant value, or by fixing the CPU frequency,' Guri argues.

in Hardware,   Video,   Security,   , Posted by log1i_yk