Cellphones can steal data from 'air-gapped computers'

July 28, 2015
Credit: Peter Griffin/Public Domain

Researchers at the Ben-Gurion University of the Negev (BGU) Cyber Security Research Center have discovered that virtually any cellphone infected with a malicious code can use GSM phone frequencies to steal critical information from infected "air-gapped" computers.

Air-gapped computers are isolated—separated both logically and physically from public networks—ostensibly so that they cannot be hacked over the Internet or within company networks.

Led by BGU Ph.D. student Mordechai Guri, the research team discovered how to turn an ordinary air-gapped into a cellular transmitting antenna using software that modifies the CPU firmware. GSMem malicious software uses the electromagnetic waves from phones to receive and exfiltrate small bits of data, such as security keys and passwords.

"GSMem takes the air out of the gap and will force the world to rethink air-gap ," says Dudu Mimran, of BGU's Cyber Security Research Center. "Our GSMem on Windows and Linux has a tiny computational footprint, which makes it very hard to detect. Furthermore, with a dedicated receiver, we were successful exfiltrating data as far as 90 ft. (30 meters) in distance from the computer."

According to Guri, "Many companies already restrict the use of cell phones or limit the capabilities (no camera, video or Wi-Fi on cell phones) around air-gapped computers. However, phones are often otherwise allowed in the vicinity of air-gapped computers thought to be secure. Since modern computers emit some electromagnetic radiation (EMR) at various wavelengths and strengths, and cellular phones easily receive them, this creates an opportunity for attackers."

The researchers recommend that countermeasures to mitigate the issue use the "Zone" approach: defined areas or zones around these computers where mobile phones and simple devices are prohibited. Insulation of partition walls may help to mitigate signal reception distance growth if a dedicated hardware receiver is used. Additionally, anomaly detection and behavioral dynamic analysis may help.

The video will load shortly

This is the third threat the BGU cyber team has uncovered related to what are supposed to be secure, air-gapped computers. Last year, the researchers created a method called Air-Hopper, which utilizes FM waves for data exfiltration. Another research initiative, BitWhisper, demonstrated a covert bi-directional communication channel between two close-by air-gapped computers using heat to communicate.

In addition to lead researcher Mordechai Guri, the other BGU researchers include Assaf Kachlon, Ofer Hasson, Gabi Kedma, Yisroel Mirsky, and Prof. Yuval Elovici, director of the BGU Cyber Security Research Center, member of Ben-Gurion University's Department of Information Systems Engineering and director of Deutsche Telekom Laboratories.

Guri will present the findings next month at the USENIX Security '15 Conference on August 14 at 2:00 p.m. at the Hyatt Regency Capitol Hill, 400 New Jersey Ave. NW, Washington, D.C.

Explore further: BitWhisper turns up heat on air-gap security

Related Stories

BitWhisper turns up heat on air-gap security

March 24, 2015

Ben Gurion University reported Monday that researcher Mordechai Guri, assisted by Matan Munitz and guided by Prof. Yuval Elovici, uncovered a way to breach air-gapped systems—that's quite something considering that air-gapped ...

BGU security team says vulnerability found in Samsung Knox

December 26, 2013

(Phys.org) —Israeli researchers at Ben-Gurion University of the Negev (BGU) said a security flaw was discovered by a team member, a PhD student, and that this vulnerability could enable interception of data on Samsung mobile ...

Do auto manufacturers realise dangers of networked motors?

July 24, 2015

While computers bring great benefits they come with drawbacks too – not least, as news stories reveal every day, the insecurity of often very private data connected to the public internet. Only now that computers are appearing ...

Humans are largely the problem in cyber security failures

October 31, 2014

When people think about cyber and information security they often think about anti-virus software and firewalls; however, according to an information security expert from the University of Adelaide, organisations would become ...

Recommended for you

Microsoft aims at Apple with high-end PCs, 3D software

October 26, 2016

Microsoft launched a new consumer offensive Wednesday, unveiling a high-end computer that challenges the Apple iMac along with an updated Windows operating system that showcases three-dimensional content and "mixed reality."

Making it easier to collaborate on code

October 26, 2016

Git is an open-source system with a polarizing reputation among programmers. It's a powerful tool to help developers track changes to code, but many view it as prohibitively difficult to use.

Dutch unveil giant vacuum to clean outside air

October 25, 2016

Dutch inventors Tuesday unveiled what they called the world's first giant outside air vacuum cleaner—a large purifying system intended to filter out toxic tiny particles from the atmosphere surrounding the machine.


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.