Heat has always been a problem for computers, but now there’s more to worry about than smoking a CPU or GPU. Researchers have figured out how to hack into computers using heat.
Researchers at Ben-Gurion University have created a new piece of malware called BitWhisper. It’s not the kind of thing that organized cybercriminals would ever use to attack your home computer. BitWhisper is the kind of crazy hacking tool that you read about in a sci-fi novel — only it’s very real Infected machines can transmit data using heat they produce. Commands, for example, can be passed from one system to another by modulating its temperature. The target machine’s thermal sensors pick up on the fluctuations and execute a predefined action. Small bits of captured data (like passwords) can also be transmitted this way.
It’s not the most efficient way to siphon data off a machine, but it’s not meant to be. BitWhisper targets air-gapped systems, computers that are completely isolated from wireless and wired networks in order to keep them as secure as possible. These are sensitive government and military systems and nuclear reactor control computers. That sort of thing. But even air-gapped machines can be infected, and they frequently are — usually by incredibly sophisticated, state-sponsored malware.
BitWhisper is malware that’s built for the long haul. It’s okay that it captures information slowly, because the alternative is never capturing any data at all.
How would BitWhisper get on a machine in the first place? Well, it could probably be pre-loaded onto a hard drive that was intercepted in the mail — or delivered on an infected USB flash drive, which people are somehow still plugging into highly-sensitive equipment even though they know better.
No comments:
Post a Comment