Researchers from Israel’s Ben-Gurion University have published a paper describing a technique for wirelessly transmitting confidential data from an isolated computer by creating a Wi-Fi network with RAM chips.
One way to ensure information security is to physically isolate the device. An air gap is the isolation of a computer from potentially dangerous connections to the Internet and local networks. The gap can be either purely physical or implemented with cryptographic devices that tunnel traffic. In either case, there is no possibility of communicating with the device from the outside.
Mordechai Guri, head of research and development at Ben-Gurion University, came up with the idea of receiving data through electromagnetic waves that can be received and processed by any device with a Wi-Fi antenna. These waves are created by the computer's RAM chips.
The technology is called AIR-FI. It is based on the principle that any electronic component generates electromagnetic waves. The researcher showed how any memory chip can generate a 2.4 GHz electromagnetic wave. This is the frequency used by the IEEE 802.11 standard, better known under the brand name Wi-Fi.
To carry out the attack, modern memory modules are used, which have an operating frequency close to 2.4 GHz. In other cases, the frequency is raised or lowered to the desired value through software or the BIOS/UEFI.
The scientist describes how perfectly synchronized read and write operations on RAM can cause the memory to emit radio waves similar to a weak Wi-Fi signal. This signal is then received by a laptop or smartphone located in the immediate vicinity of the computer.
Guri tested this method on several isolated computers after removing the Wi-Fi adapter from them. He achieved data transmission at speeds of up to 100 b/s over a distance of several meters. The hacker does not need to obtain administrator rights to run the exploit. For this reason, the scientist calls the AIR-FI attack one of the simplest methods of transmitting data from an isolated computer.
The described method of data transmission is only a laboratory study, although the authors point out possible attack vectors. This method of data theft poses a potential threat to computers in the public sector and in defense enterprises. The method is considered as part of a chain of attacks on highly secure systems isolated from public networks.
The researchers suggest that malicious code could be introduced during the production and delivery process or through an infected peripheral device. The vulnerability works at the physical level and through virtual machines.
The scientist suggested potential remedies: prohibiting network devices from being brought near air-gapped systems, jamming Wi-Fi radio frequencies, masking the radio signal with a background process, performing random memory operations, and using a Faraday cage.
Mordechai Guri’s team has discovered and described a large number of ways to extract data from a device: using sound waves from fans, video cards to generate radio waves, speakers and headphones, and hard disk noise.
The main idea in all cases is to encode information for further transmission through non-standard sources and protocols. Classic data theft protection becomes ineffective when it comes to preventing the transmission of binary code through computer vibrations.