Tuesday, May 5, 2020

Air-Gapped PC Power Supplies Spills the Screens

One of the most secure system arrangements today consists of air-gapped PCs. The reason being their total disconnection from the internet.

In February this year, it was reported that hackers can steal data from air-gapped PC using screen brightness and now the same can be done through their power supply.

Mordechai Guri, a cybersecurity researcher from the Israeli Ben Gurion of the Negev University has conducted an experiment that shows how power supply units (PSUs) can be exploited to extract information from both an air-gapped & audio-gapped computer.

Termed as POWER-SUPPLaY; the malware exploits the PSU using it as an “out-of-band, secondary speaker with limited capabilities”. The data that can be extracted includes different files & information of the user’s keystrokes transmittable up to 1 meters away along with passwords and encryption keys that the attacker could receive with a device that is five meters away from such as a smartphone...

The research does not deal with the question of how the malware will be implemented in the first place. The technique is very clever nonetheless. more