The malware that turns your computer into a cellular antenna
Just when you thought coming offline would protect your equipment from hackers, it seems that researchers in Israel have found a way to steal data from air-gapped computers i.e. those that are not connected to the internet. The malware essentially works by converting the computer into a cellular antenna. The potential risks from this are clearly significant as it means that data could be stolen from an air-gapped computer by someone standing on the other side of a wall.
How is it installed?
The computer does need to have malware installed for this to happen, something that would normally be attempted via an internet connection or emails. With an air-gapped computer obviously this isn’t possible so, instead, a worm is transmitted when a removable drive is connected. This is apparently the same method as the way the malware Stuxnet was used to sabotage Iran’s uranium centrifuges so it’s not as much of a challenge as it should be.
How does it work?
When the malware (named GSMem) is installed on the computer it creates specific, memory-related instructions and transmits these internally between the computer’s CPU and memory. This creates radio waves that can be picked up by someone nearby who has a mobile device – the Israeli researchers used an old Motorola phone to pick up the signals, concluding that it was the type of device more likely to get past security. However, a smart phone could pick up a lot more data.
What’s the risk?
During the I research, the phone could be up to 15 feet from the computer and still pick up the data. Although the device was only able to harvest data at one or two bits per second, that was still enough to collect essential information like passwords.
Is there a solution?
If you’re very concerned about this then the obvious solution is to introduce a complete ban on smart phones in sensitive areas and to introduce technology to jam cellular signals.