Hackers can use electrical outlets to steal computer data

If attackers intent on data theft can tap into an electrical socket near a computer or if they can draw a bead on the machine with a laser, they can steal whatever is being typed into it.

How to execute these attacks will be demonstrated at the Black Hat USA 2009 security conference in Las Vegas later this month by Andrea Barisani and Daniele Bianco, a pair of researchers for network security consultancy Inverse Path.

Related stories:

How to keep your laptop data private and safe

Layoffs and slumping economy raise data theft concerns

“The only thing you need for successful attacks are either the electrical grid or a distant line of sight, no expensive piece of equipment is required,” Barisani and Bianco say in a paper describing the hacks.

The equipment to carry out the power-line attack could cost as little as $500, and the laser attack gear costs about $100 if the attacker already owns a laptop with a sound card, says Barisani. Carrying out the attacks took about a week, he says.”We think it is important to raise the awareness about these unconventional attacks and we hope to see more work on this topic in the future,” Barisani and Bianco say in their paper. Others with more time and money could doubtless create better spying tools using the same concepts, they say.

In the power-line exploit, the attacker grabs the keyboard signals that are generated by hitting keys. Because the data wire within the keyboard cable is unshielded, the signals leak into the ground wire in the cable, and from there into the ground wire of the electrical system feeding the computer. Bit streams generated by the keyboards that indicate what keys have been struck create voltage fluctuations in the grounds, they say.

Attackers extend the ground of a nearby power socket and attach to it two probes separated by a resistor. The voltage difference and the fluctuations in that difference – the keyboard signals – are captured from both ends of the resistor and converted to letters (see diagram).

To pull the signal out of the ground noise, a reference ground is needed, they say. “A “reference” ground is any piece of metal with a direct physical connection to the Earth, a sink or toilet pipe is perfect for this purpose (while albeit not very classy) and easily reachable (especially if you are performing the attack from [a] hotel room,” they say in their paper.Since keyboards and mice signals are in the 1 to 20 kHz range, a filter can isolate that range for listening, they say.

Variations in individual keyboards and mice result in each keyboard signaling in a slightly different frequency range. With careful filtering, that makes it possible to zero in on a particular keyboard in an environment where many keyboards are in use, the researchers say.

The attack proved successful when tapping electric sockets located up to 15 meters from where the target computer was plugged in the researchers say.

This method would not work if the computer were unplugged from the wall, such as a laptop running on its battery. The second attack can prove effective in this case, Bianco’s and Barisani’s paper says.

Attackers point a cheap laser, slightly better than what is used in laser pointers, at a shiny part of a laptop or even an object on the table with the laptop. A receiver is aligned to capture the reflected light beam and the modulations that are caused by the vibrations resulting from striking the keys.

This modulation is converted to an electrical signal that is fed into a computer soundcard. “The vibration patterns received by the device clearly show the separate keystrokes,” the researchers’ paper says. Each key has a unique vibration pattern that distinguishes it from the rest. The spacebar creates a significantly different set of vibrations, so the breaks between words are readily apparent.

Analyzing the sequences of individual keys that are struck and the spacing between words, the attacker can figure out what message has been typed. Knowing what language is being typed is a big help, they say.

Laptop lids, especially shiny logos and areas close to the hinges, provide the most easily read vibrations.

Anyone worried about this type of attack can make sure there is no line of sight to the laptop, move position frequently while typing and polluting the signal by striking random keys and later deleting them with the backspace key.

While they admit their hacking tools are rudimentary, they believe they could be improved upon with a little time, effort and backing.

“If our small research was able to accomplish acceptable results in a brief development time (approximately a week of work) and with cheap hardware,” they say. “Consider what a dedicated team or government agency can accomplish with more expensive equipment and effort,”

Source: CIO

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs