BitWhisper: Extracting Data From Secured Computers Via Heat


There are always vulnerabilities in every system that a remote attacker can manipulate if they're determined enough, regardless of how secure you may consider your computer to be.

A large number of industrial and government computer systems are isolated from external networks in order to diminish the chances of sensitive material being stolen. This is a fairly common practice called air-gapping, but even preventative measures such as this may not be enough to completely protect isolated systems from external attackers.

A team of researchers at Israel's Ben Gurion University has developed a technique that shows how it is possible to set up a two-way communication system with an air-gapped computer. The researchers call this method of gathering sensitive data “BitWhisper”, and it is executed via heat exchange. But although the technique was developed, applied, and is proven to work in a regular office setting, it is one that needs quite a bit of forethought in order to be executed properly.

Two computers sit side-by-side on a desk – a setup that is not uncommon in a standard office environment. One system is connected to the internet while the other remains without connectivity. Often, employees need to perform sensitive tasks on an air-gapped computer while utilizing another computer for internet operations.

For BitWhisper to work, however, both machines (connected and air-gapped) have to be infected with specially designed malware. This is not really an issue for the online machine, but could prove quite tricky on an air-gapped system. Still, even air-gapped computers can contract malware through USB drives, supply chain attacks and so on.

Once both systems are infected, the malware can instruct the isolated machine to generate heating patterns. This is done by ramping up the CPU or GPU. By using its internal sensors, the nearby internet-connected machine can monitor the fluctuations in temperature from the air-gapped computer and interpret them as a data stream. Commands can also be sent from the online machine to the isolated machine.

The malware is capable of using heat patterns as a stealthy data stream between the online and air-gapped system. This renders the air-gap irrelevant because all the data extraction occurs via invisible heat signals, and the secure network almost always shows very little to no signs of intrusion. However, the BitWhisper technique isn't the speediest out there. The data rate between the two computers would sit at around eight bits per hour. Even so, this is still enough to retrieve passwords and text files over time.
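Because the receiving machine reads the signal through its own internal sensors, the same telemetry can be used for monitoring. The following added example (not from the original article or the researchers) flags periods in which a host's temperature stays above its idle baseline while its own CPU load is low, which is what heat arriving from a neighbouring machine would look like. The sample format, the thresholds and the telemetry are assumptions constructed for illustration.

```python
from statistics import median

def unexplained_heat_windows(samples, idle_load=15.0, rise_c=2.0, min_len=3):
    """Return (first_minute, last_minute) runs where the host is warm but idle.

    samples: iterable of (minute, cpu_load_percent, temp_celsius).
    idle_load, rise_c and min_len are assumed tuning values, not from the article.
    """
    idle = [temp for _, load, temp in samples if load < idle_load]
    if not idle:
        return []  # host never idle: no baseline to compare against
    threshold = median(idle) + rise_c  # idle baseline plus tolerated rise
    windows, run = [], []
    for minute, load, temp in samples:
        if load < idle_load and temp >= threshold:
            run.append(minute)  # warm while idle: heat not explained locally
            continue
        if len(run) >= min_len:
            windows.append((run[0], run[-1]))
        run = []
    if len(run) >= min_len:
        windows.append((run[0], run[-1]))
    return windows

def constructed_telemetry():
    """One hour of constructed per-minute samples for a mostly idle host."""
    rows = []
    for minute in range(60):
        load, temp = 5.0, 40.0
        # Three warm periods with no local load (constructed anomaly).
        if minute < 45 and minute % 15 in range(10, 15):
            temp = 43.0
        # One legitimate burst of local work, which explains its own heat.
        if 50 <= minute < 55:
            load, temp = 80.0, 48.0
        rows.append((minute, load, temp))
    return rows

if __name__ == "__main__":
    for start, end in unexplained_heat_windows(constructed_telemetry()):
        print(f"warm while idle: minutes {start}-{end}")
```

Repeated windows of similar length on a machine that sits next to an air-gapped system are worth a closer look; a single window is more likely air-conditioning or room temperature.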

According to the researchers, any isolated network is vulnerable to BitWhisper if an air-gapped computer sits within fifteen inches of an internet-connected computer. By sending out periodic “thermal pings”, BitWhisper can also search for new connections with other nearby computers. The malware can be instructed to spread to other computers in search of more heat-driven channels as well, once it has settled in the air-gapped network.

In all honesty, though, BitWhisper wouldn't be considered an ideal technique for many external attackers. There are simply too many physical environmental factors to consider with a system as sensitive as this, where something as simple as a desk fan or a change in air-conditioning can interfere with or break a connection. Even so, the researchers have to be commended for an ingenious proof-of-concept.

Sources: Flickr's Creative Commons
