BEER-SHEVA, Israel…February 8, 2018 – Faraday rooms or “cages” designed to prevent electromagnetic signals from escaping can nevertheless be compromised and leak highly sensitive data, according to new studies by Ben-Gurion University of the Negev’s Cyber@BGU.
Research led by Dr. Mordechai Guri, the head of research and development of Cyber@BGU showed for the first time that aFaraday room and an air-gapped computer that is disconnected from the internet will not deter sophisticated cyber attackers.
Air-gapped computers used for an organization’s most highly sensitive data might also be secluded in a hermetically-sealed Faraday room or enclosure, which prevents electromagnetic signals from leaking out and being picked up remotely byeavesdropping adversaries.
In two newly released reports, the team demonstrated how attackers can bypass Faraday enclosures and air gaps to leak data from the most highly secured computers. The Odini method, named after the escape artist Harry Houdini, exploits the magnetic field generated by a computer’s central processing unit (CPU) to circumvent even the most securely equippedroom.
“While Faraday rooms may successfully block electromagnetic signals that emanate from computers, low frequency magnetic radiation disseminates through the air, penetrating metal shields within the rooms,” explains Dr. Guri. “That’s why a compass still works inside of a Faraday room. Attackers can use this covert magnetic channel to intercept sensitive data from virtually any desktop PCs, servers, laptops, embedded systems, and other devices.”
In another documented cyberattack dubbed Magneto, researchers utilized malware keystrokes and passwords on an air-gapped computer to transfer data to a nearby smartphone via its magnetic sensor. Attackers can intercept this leaked data even when a smartphone is sealed in a Faraday bag or set on “airplane mode” to prevent incoming and outgoingcommunications.
Dr. Guri’s research team includes BGU Department of Electrical and Computer Engineering Ph.D. student Boris Zadov,Andrei Daydakulov and Prof. Yuval Elovici, who is director of Cyber@BGU and the Deutsche Telekom Innovation Labs@BGU, and a member of BGU’s Department of Software and Information Systems Engineering.
American Associates, Ben-Gurion University of the Negev
American Associates, Ben-Gurion University of the Negev (AABGU) plays a vital role in sustaining David Ben-Gurion's vision: creating a world-class institution of education and research in the Israeli desert, nurturing the Negev community and sharing the University's expertise locally and around the globe. As Ben-Gurion University of the Negev (BGU) looks ahead to turning 50 in 2020, AABGU imagines a future that goes beyond the walls of academia. It is a future where BGU invents a new world and inspires a vision for a stronger Israel and its next generation of leaders. Together with supporters, AABGU will help the University foster excellence in teaching, research and outreach to the communities of the Negev for the next 50 years and beyond. Visit vision.aabgu.org to learn more.
AABGU, headquartered in Manhattan, has nine regional offices throughout the United States.