According to a method devised by security researchers, a normal cellphone with just GSM connectivity, and a dash of electromagnetic waves, can bypass the most complex security systems in use worldwide.
This development is enough to make defence companies (with millions invested in security no less), sit up and take notice. Normally, sensitive installations like military bases and nuclear installations, rely on air-gapped network of computers to ensure that the system is isolated from unsecured channels.
This exploit can even penetrate air-gapped computer systems, rendering current ways of military-grade security obsolete. The discovery of this low-tech exploit can prove instrumental in extracting data from sensitive locations. The implications of such a discovery are far-reaching, especially considering the growing potentials of cyber-warfare and sabotage involved.
The exploit can even penetrate air-gapped computer systems, rendering current ways of military-grade security obsolete
The researchers behind the discovery of this exploit recommend that companies should restrict the use of devices that give RF signals and overhaul their existing security guidelines. According to Yuval Elovici, director of the Cyber Security Research Center at Ben-Gurion University of the Negev, the exploit does involve the installation of a malware in both the phone and the computer used in the cyber attack, after which extracting data is mere child’s play.
This is possible thanks to the naturally emitting EM radiation that electronics such as computers give off and recipient devices such as phones are capable of. So in other words, the process of data extraction comes naturally, thus circumventing the air gapped network security measures currently in use today.
The exploit is, however, limited by the amount of data it can transmit. In short, they can take long if you’re trying to extract gigs of data from a compromised PC. But here’s the thing. It can also allow the attacker to get hold of the encryption keys or passwords in a minute, which can then open the door to a much faster way of data extraction. A scary prospect no doubt.
So its not just smartphones that can hack networks now, but your prehistoric Nokia or Siemens or Alcatel or Ericcson that can prove to be as deadly as their smarter cousins.