Cyberattack can steal data via cooling fan vibrations

by Peter Grad , Tech Xplore


ABOUT THE IMAGE: Illustration of the cover channel. The malware in the compromised computer transmits signals to the environment via vibrations induced on the table. A nearby infected smartphone detects the transmission, demodulates and decodes the data, and transfers it to the attacker via the Internet. Credit: arXiv:2004.06195 [cs.CR]

Israeli researchers uncovered a novel way that hackers could steal sensitive data from a highly secured computer: by tapping into the vibrations from a cooling system fan.

Lead cyber-security researcher Mordechai Guri at Ben-Gurion University of the Negev said data encoded by hackers into fan vibrations could be transmitted to a smartphone placed in the vicinity of the targeted computer.

“We observe that computers vibrate at a frequency correlated to the rotation speed of their internal fans,” Guri said. Malware can control computer vibrations by manipulating internal fan speeds, he explained. “These inaudible vibrations affect the entire structure on which the computer is placed.”

The covertly transmitted vibrations can be picked up by a smartphone resting on the same surface as the computer.

Since accelerometer sensors in smartphones are unsecured, they “can be accessed by any app without requiring user permissions, which make this attack highly evasive,” he said.

Guri demonstrated the process, named AiR-ViBeR, with an air-gapped computer setup. Air-gapped computer systems are isolated from unsecured networks and the internet as a security measure.

The research team said three measures would help secure a computer system against such an assault. One would be to run the CPU continuously at maximum power consumption mode, which would keep it from adjusting consumption. Another would be to set fan speeds for both CPU and GPU at a single, fixed rate. The third solution would be to restrict CPUs to a single clock speed.

CyberHacking via Fan Vibrations
Illustration of the cover channel. The malware in the compromised computer transmits signals to the environment via vibrations induced on the table. A nearby infected smartphone detects the transmission, demodulates and decodes the data, and transfers it to the attacker via the Internet. Credit: arXiv:2004.06195 [cs.CR]

READ THE COMPLETE ARTICLE ON TECH XPLORE