The Vulnerability of Disconnection: Researchers Bridge the Gap to Unconnected Systems

by Matt Klassen on August 11, 2015

Digital security and data protection are quickly becoming some of the most formative issues of our time, as individuals, companies, and countries wrestle with the Sisyphean task of responding to cyber threats and establishing security protocols, only to see hackers and other cyber ne’er-do-wells simply find ways to circumvent them; a perpetual game of catch-up.

For the security-obsessed, the long-standing theory has been that disconnection is the safest protection; that is, separating a computer (or heck, even oneself) from the network is the best way to avoid being hacked or invaded by malware, a practice called “air gapping.”

The theory behind the practice is the same as the one that motivates people to live “off the grid”: separation from the network provides inherent safety from the dangers of said network. Unfortunately though, in what seems to be ripped from the script of yet another failed Mission Impossible film, security researchers have found a way to bridge the gap using little more than an old-school feature phone, hacking disconnected computers that were thought to be virtually impregnable.

Now it’s not hard to see the thinking behind air-gapping, the idea that disconnection is the best defence against network attacks. By removing the digital avenues hackers use, the prevailing notion is that hackers simply won’t be able to reach the system, meaning the only real vulnerability comes from direct access (again, much like the famous rappelling into the computer vault scene in the first Mission Impossible film). It would be like creating a digital dead-end for cyber-criminals, a place where their computer could simply go no further.

But as ironclad as this defence sounds, as FierceITSecurity reports, it is no longer enough, as security researchers in Israel claim they have developed a method that bypasses air-gapping by using a low-end mobile phone.

According to a paper the researchers will be presenting at the USENIX conference in Washington, month, the researchers were able to infect a disconnected computer with malware that was subsequently able to steal data.

“Rogue software on an infected target computer modulates and transmits electromagnetic signals at cellular frequencies by invoking specific memory-related instructions and utilizing the multichannel memory architecture to amplify the transmission. Furthermore, we show that the transmitted signals can be received and demodulated by a rootkit placed in the baseband firmware of a nearby cellular phone,” the paper’s abstract reads.

Researchers demonstrated that without any modifications the phone could send a signal to a disconnected device from around 1.5 metres and up to 30 metres if a dedicated hardware receiver was used. This means that the hacker need not be in the same room, perhaps not even in the same building, to access an air-gapped device.

Now granted, one might think that all this is still quite labour intensive, thus contravening the general hacker modus operandi of work vs. reward (the more difficult a network is to access, the less likely someone will put in the time to access it), but the shocking thing here is that access was achieved using components present on any computer and deploying an antiquated feature phone with only voice and text capabilities, the sort of phone that is often seen as being more “secure” because of its diminished capabilities.

All that to say, there is no ironclad security method; no one answer to the security dilemma. Hackers will find a way; our job is to make it as difficult as possible for them to achieve the inevitable and hope they lose interest along the way.
