Malware Can Steal Data From Non-Networked Computers, Via Heat

"Hot or not?" comes to computer security
Computer heat

bittidjz via Flickr/CC BY-SA 2.0

Back in 1999, Neal Stephenson’s novel Cryptonomicon introduced me to the idea of Van Eck phreaking—intercepting the weak electromagnetic radiation from a computer monitor to recreate what the person is seeing on the screen. Now security researchers have come up with an exploit that uses an even simpler form of radiation: heat.

BitWhisper, as researchers Mordechai Guri and Professor Yuval Elovici of Ben-Gurion University’s Cyber Security Research Center have dubbed their program, targets air-gapped machines—computers that are not physically (or wirelessly) connected to the Internet. By using malware that can tap into computers’ cooling systems and temperature sensors, the hack can send information back and forth between two adjacent machines.

For example, raising the temperature of one computer by a single degree over a specified time period would be detected by the adjacent computer as a binary bit of ‘1’; returning it to the baseline temperature would be interpreted as a ‘0.’ String enough of those together and they can represent a computer command or raw data, such as a password.

Naturally, there are a host of caveats. In order to work, the two computers need to be just 15 inches apart (close enough to detect the changes in heat), one needs to be connected to the internet, and they both have to be infected with the malware. And given the time inherent in raising and lowering temperatures, sending data takes a long time–potentially hours.

This isn’t the first attempt to target air-gapped computers. The Stuxnet worm largely thought to have been developed by the U.S. National Security Agency and Israel jumped from computer to computer via compromised USB drives. Researchers have also come up with ways to transmit information between hacked computers using their built-in speakers to generate high-frequency sounds that can be heard by microphones but not ears. And Guri himself previously came up with an exploit called AirHopper that could transmit information as FM signals to nearby compromised mobile phones, which would then send that data on to the outside world.

As tempted as you may be to look askance at your computer the next time its fans kick on, don’t worry too much: it’s probably just running hot as it processes your high-def stream of House of Cards. Probably.