
This Malware Could Steal Your Data Through the Air -- Literally

Typically, air gapping, the practice of keeping a computer disconnected from networks, is enough to keep its data safe. Try telling that to the researchers at the cyber security labs at Israel's Ben-Gurion University, who have developed a new way to sneak data away based on the sounds your hard drive makes.

This latest method, dubbed DiskFiltration, creates acoustic signals with a hard drive's actuator, which is the mechanical arm that accesses specific data. Researchers Mordechai Guri, Yosef Solewicz, Andrey Daidakulov and Yuval Elovici published this information yesterday (August 11) in a technical paper entitled "DiskFiltration: Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard Drive Noise."

These acoustic signals can be picked up by devices within six feet and carry information at 180 bits per minute, a speed useful for transmitting passwords, encryption keys, keylogging records and other small amounts of information. In a video posted to YouTube, the researchers demonstrate how data can be transmitted without producing any noise that sounds suspicious or would be noticeable in an office space.

The researchers don't explain how the DiskFiltration malware makes it onto the system, but the intent behind this proof-of-concept is to show that even air gapping isn't foolproof. Of course, data can also be lifted from non-air-gapped systems with this trick, which could work around security tools that track data sent via network connections and ports.

If you need yet another reason to upgrade your laptop to a solid-state drive, add this vulnerability to the pile. Researchers say this hack could be prevented by switching from mechanical hard drives to SSDs, which don't make noise. However, if you aren't willing or able to give up on a spinning hard drive, they recommend using special enclosures to minimize leaked sound and separating hardware with distance.

If you air gap a system for privacy, though, tell us in the comments about why and how you observe this practice.