We are all familiar with the traditional methods of moving data into and out of our computers, such as WiFi networks, USB ports, and Bluetooth connections. What is less well known is that these methods can also be used to steal your data, with radio signals as the key part.
However, new hacking techniques have been discovered by an elite group of cyber researchers from Ben-Gurion University (BGU) in Beersheva, Israel.
These hacking techniques can access your computers by using the electromagnetic spectrum or radio signals and steal your confidential information even if your devices are not connected to a network.
Here are some of the new hacking techniques discovered by the BGU team’s research.
Hacking techniques using radio signals
1. Air-Fi
- Description : Uses WiFi signals to exfiltrate data from air-gapped computers by manipulating electrical currents in RAM, turning them into transmitters at the 2.4 GHz WiFi band.
- Example : A hacker could infect a computer with malware that modulates the RAM to emit WiFi signals, which are then captured by a nearby device connected to the internet.
2. AirHopper – Steals data using radio signals by having the local GPU card emit electromagnetic signals to a nearby mobile phone and computer.
- Description : Utilizes GPU cards to emit electromagnetic signals, transmitting data to nearby mobile devices. The display cable of the computer acts as an antenna, emitting signals that can be intercepted.
- Example : An attacker can place a smartphone within 7 meters of a targeted computer. Malware on the computer sends data via electromagnetic emissions from the monitor’s cable, which is then captured by the phone.
3. USBee – Forces a USB connector’s data bus to give out electromagnetic emissions by turning the targeted computer’s USB ports into mini Radio Frequency (RF) transmitters.
This kind of technique has also relied on modified USB devices, allowing spies to transmit and steal data out of targeted computers through electromagnetic or radio signals.
- Description : Forces USB ports to emit electromagnetic signals, effectively turning them into RF transmitters. This technique can exfiltrate data by exploiting the electromagnetic emissions from the USB data lines.
- Example : A compromised USB drive plugged into a computer could be manipulated to emit RF signals containing sensitive data, which are then received by a nearby attacker’s custom hardware.
4. MAGNETO
- Description : Exploits the magnetic fields generated by a computer’s CPU power fluctuations. The magnetic signals are modulated to encode data, which can be intercepted by a magnetic sensor.
- Example : A malware-infected air-gapped computer modulates its power consumption to generate magnetic signals that carry data. An attacker with a magnetic sensor within a few centimeters can capture and decode these signals.
5. ODINI
- Description : Uses the electromagnetic fields generated by the CPU power supply to transmit data. Unlike other techniques, ODINI can work over a larger distance by exploiting low-frequency magnetic emissions.
- Example : A malware alters the CPU workload to generate specific patterns in the magnetic field. These patterns are then captured by a nearby receiver tuned to the low-frequency emissions.
6. MOSQUITO
- Description : Uses the sounds produced by a computer’s internal speakers or connected headphones to transmit data. The sound waves are modulated to encode information, which can be picked up by a nearby microphone.
- Example : Malware on an air-gapped computer converts data into ultrasonic waves, which are then captured by a smartphone’s microphone.
7. GSMem
- Description : Exploits the electromagnetic emissions from the memory bus of a computer to transmit data. This technique leverages standard cellular phones to receive these emissions.
- Example : Malware running on an air-gapped computer modulates memory bus activity to emit GSM signals, which are picked up by a nearby mobile phone.
8. DiskFiltration
- Description : Uses the acoustic signals generated by a hard drive’s movement to transmit data. The read/write head of the HDD is manipulated to create sound patterns.
- Example : Malware manipulates the HDD to generate acoustic signals that encode data, which can be received by a microphone in the vicinity.
How to better protect your data from being stolen by radio signals
Protection Strategies
Physical Separation
- Keep smartphones and smart devices away from computers to reduce the risk of signal-based attacks.
- Step 1 : Identify and isolate critical computers and networks.
- Step 2 : Maintain a physical distance between these systems and potential sources of radio signal interception, such as smartphones or IoT devices.
- Step 3 : Implement strict policies to prevent unauthorized devices from coming close to air-gapped systems.
Secure Computing Environments
- Use virtual desktops or secure browser sessions to minimize the attack surface.
- Step 1 : Set up virtual desktops or secure browser sessions to compartmentalize sensitive data.
- Step 2 : Use secure OS configurations that limit the execution of unauthorized software.
- Step 3 : Regularly update and patch systems to protect against known vulnerabilities.
Memory and Signal Monitoring
- Implement runtime memory access monitoring and signal jamming/Faraday shielding to block unauthorized transmissions from infected air-gapped devices.
- Step 1 : Deploy runtime memory access monitoring tools to detect unusual memory access patterns.
- Step 2 : Use signal jamming devices or Faraday cages to block unauthorized electromagnetic transmissions.
- Step 3 : Conduct regular audits of electromagnetic emissions from critical systems to detect anomalies.
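The emissions audit in Step 3 can be run as a baseline comparison: record a known-clean survey, subtract it from later sweeps, and log any bin that rises above it as an event with start time, duration and peak. The following is an added example, not code from the original article or from any product; the sweep format (MHz bin to dBm), the thresholds, the function names and all readings are constructed assumptions.

```python
from statistics import median

FREQS = (433.0, 2412.0, 2437.0, 2462.0)   # MHz bins (constructed sample)
def rows(*r): return [dict(zip(FREQS, x)) for x in r]
# Constructed dBm readings: CLEAN = known-good survey, WATCH = later sweeps.
CLEAN = rows((-95, -90, -60, -92), (-94, -91, -58, -93), (-95, -89, -62, -92),
             (-96, -90, -61, -91), (-95, -90, -59, -92))
WATCH = rows((-95, -90, -60, -92), (-95, -90, -55, -92), (-70, -90, -60, -74),
             (-95, -90, -60, -72), (-95, -90, -60, -92), (-95, -90, -60, -73))

def learn_baseline(sweeps):
    """Per-bin median and MAD (robust spread) over known-clean sweeps."""
    baseline = {}
    for freq in sweeps[0]:
        vals = [s[freq] for s in sweeps]
        med = median(vals)
        baseline[freq] = (med, median(abs(v - med) for v in vals))
    return baseline

def find_events(baseline, sweeps, ignore=(), k=6.0, min_excess_db=6.0):
    """Return bursts: runs of consecutive sweeps where a bin exceeds baseline."""
    events, open_runs = [], {}
    for t, sweep in enumerate(sweeps + [{}]):      # empty sentinel closes open runs
        for freq, (med, mad) in baseline.items():
            if any(lo <= freq <= hi for lo, hi in ignore):
                continue                           # band the operator chose to skip
            excess = sweep.get(freq, med) - med    # background subtraction
            hot = excess > max(min_excess_db, k * 1.4826 * mad)
            run = open_runs.get(freq)
            if hot and run is None:
                open_runs[freq] = {"freq_mhz": freq, "start": t,
                                   "sweeps": 1, "peak_db": excess}
            elif hot:
                run["sweeps"] += 1
                run["peak_db"] = max(run["peak_db"], excess)
            elif run is not None:
                events.append(open_runs.pop(freq))
    return sorted(events, key=lambda e: (e["start"], e["freq_mhz"]))

if __name__ == "__main__":
    for event in find_events(learn_baseline(CLEAN), WATCH, ignore=[(400.0, 470.0)]):
        print(event)
```

The busy 2437 MHz bin gets a wider tolerance than the quiet bins because its clean-survey spread is larger, so a 5 dB swing there is not reported while an 18 dB rise on a normally silent channel is.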
Hardware Restrictions
- Employ diskless workstations without USB ports to prevent unauthorized data transfers.
- Step 1 : Implement diskless workstations that do not rely on local storage, reducing the risk of data exfiltration.
- Step 2 : Disable or physically block USB ports on critical systems.
- Step 3 : Use hardware that does not have built-in wireless capabilities unless absolutely necessary.
Audio Shielding
- Use soundproofing techniques or disable internal speakers and microphones to prevent acoustic data leaks.
- Step 1 : Disable internal speakers and microphones on air-gapped computers.
- Step 2 : Use soundproofing materials or white noise generators to obscure potential audio signals.
- Step 3 : Regularly check for unauthorized audio devices connected to sensitive systems.
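A host-side check of the Hardware Restrictions and Audio Shielding steps above, as an added example that is not part of the original article: it walks Linux sysfs and lists wireless interfaces, Bluetooth controllers, sound cards and USB storage, audio or wireless interfaces that should be absent on an air-gapped workstation. The Linux target and the names `audit_host` and `USB_CLASSES` are assumptions of this example.

```python
import os

# USB interface class codes: 01 audio, 08 mass storage, e0 wireless controller
USB_CLASSES = {"01": "usb-audio", "08": "usb-storage", "e0": "usb-wireless"}

def _ls(path):
    """Sorted directory listing, or an empty list if the path is absent."""
    return sorted(os.listdir(path)) if os.path.isdir(path) else []

def audit_host(sysfs="/sys"):
    """Return (kind, name) findings that contradict the hardening steps."""
    findings = []
    net = os.path.join(sysfs, "class/net")
    for iface in _ls(net):
        # Wireless NICs expose a 'wireless' directory or a 'phy80211' link.
        markers = (os.path.join(net, iface, m) for m in ("wireless", "phy80211"))
        if any(os.path.exists(m) for m in markers):
            findings.append(("wifi", iface))
    for hci in _ls(os.path.join(sysfs, "class/bluetooth")):
        findings.append(("bluetooth", hci))
    for node in _ls(os.path.join(sysfs, "class/sound")):
        if node.startswith("card"):            # card0, card1, ... are audio devices
            findings.append(("sound-card", node))
    usb = os.path.join(sysfs, "bus/usb/devices")
    for dev in _ls(usb):
        cls_file = os.path.join(usb, dev, "bInterfaceClass")
        if os.path.isfile(cls_file):           # only interface nodes carry this file
            with open(cls_file) as fh:
                code = fh.read().strip().lower()
            if code in USB_CLASSES:
                findings.append((USB_CLASSES[code], dev))
    return findings

if __name__ == "__main__":
    for kind, name in audit_host():
        print(f"{kind}\t{name}")
```

An empty result means none of these device classes is currently enumerated by the kernel; it does not prove the hardware is physically absent, so pair it with a physical inspection.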
Electromagnetic Shielding
- Apply shielding to block electromagnetic emissions from computer components.
- Step 1 : Use electromagnetic shielding materials around critical systems to block emissions.
- Step 2 : Regularly test the effectiveness of shielding with specialized equipment.
- Step 3 : Ensure proper grounding of all sensitive equipment to minimize unintentional emissions.
Secure your personal data from being hacked & stolen by radio signals
You can visit our Hybrid Radio analyzer & bug hunter to protect and secure your air-gapped solution from rogue signals and transmissions.
Our Hybrid radio signal analyzer is designed to help you analyze the radio and wireless signal environment and detect unknown and unwanted signals such as rogue transmissions (RF cyberattacks and spying devices).
To combat threats like Air-Fi, AirHopper, and USBee, the Hybrid 04 Threats Detector employs several features that enhance its capabilities in detecting and countering such sophisticated attacks:
1. Band Selection Feature : Ignore Specific Frequencies
- The band selection feature enables the detector to focus on specific frequencies, allowing it to identify and counteract threats operating in the WiFi band (2.4 GHz), such as Air-Fi. By ignoring irrelevant frequencies, the detector can effectively target and mitigate specific threats.
2. Ultra-Sensitive: Detects Signals from Up to 50 Meters
- The high sensitivity of the detector ensures that it can pick up weak signals, which is crucial for detecting subtle electromagnetic emissions associated with attacks like AirHopper. This sensitivity allows the device to identify signals emitted by the local GPU card and other potential threats.
3. Two Onboard Antennas with Wideband Detection Range
- The two antennas covering a wideband detection range (ANT1: 10-2400 MHz, ANT2: 2400-8000 MHz) contribute to the detector’s ability to identify various RF signals, including those emitted by Air-Fi, AirHopper, and USBee. The wideband detection ensures that the device can cover the necessary frequency ranges associated with these threats.
4. Security Mode : Device Memorizes Normal Frequency Activity
- Security mode, with its ability to memorize normal frequency activity, is effective in countering threats like Air-Fi. By continuously monitoring the area, the detector can detect any abnormal RF signals, such as those emitted by compromised RAM cards turned into transmitters.
5. Detection of Burst Signals
- The capability to detect burst signals is essential in countering threats like Air-Fi and USBee, which may transmit data intermittently to avoid detection. The detector’s ability to identify and analyze burst signals enhances its effectiveness against these types of attacks.
6. Background Removal (Background Subtraction Function)
- The background removal function helps reduce interference from external sources, such as USBee, which forces USB connectors to emit electromagnetic emissions. By eliminating background interference, the detector can focus on detecting unauthorized signals more effectively.
7. Event Logging & Activity Reports
- The event logging and activity reporting features provide detailed information about frequency events, including the type of transmission, time, and duration. This is valuable for analyzing and identifying patterns associated with specific threats like Air-Fi, AirHopper, and USBee.
8. USB Port Monitoring
- While not explicitly mentioned, if the detector includes USB port monitoring capabilities, it can potentially identify unusual activity associated with USBee attacks. Monitoring changes in USB electromagnetic emissions could be crucial in detecting and countering this type of threat.
In summary, the features of the Hybrid 04 Threats Detector collectively contribute to its effectiveness in detecting and combating sophisticated RF threats, including those posed by Air-Fi, AirHopper, and USBee. The device’s ability to ignore specific frequencies, its sensitivity, wideband detection range, and advanced operational modes make it a versatile tool for countering a broad spectrum of security risks.
The detailed explanations and practical tips in this article are incredibly valuable. It’s rare to find such a well-structured and insightful piece on emerging cybersecurity threats. The clear breakdown of complex hacking techniques using radio signals makes it essential reading for professionals in the field to conduct countermeasures strategy. Great job!
Thank you for your positive feedback. It was a pleasure to receive comments from a renowned European cybersecurity & software company. Your feedback is valuable as we aim to expand globally. We look forward to potential collaboration in developing better solutions together.