Published at Jewish Business News
Ben-Gurion University of the Negev cybersecurity researchers have developed a method that allows breaking into computers that aren’t connected to the Internet.
The new method is called BitWhisper, part of ongoing research on securing computers that are not connected to Internet, conducted by BGU’s Cyber Security Center.
This method even allows, in principle, hacking the computer systems of Israel’s biometric database, whose operators have boasted is unbreakable, because it is completely disconnected from any network access.
The method developed by these Israeli scientists overcomes the network isolation challenge by identifying the computer’s operating temperature, and monitoring its use via sensors installed on a nearby computer (at this stage it must be within two feet).
By regulating the heat patterns, thermal data can be transformed into binary data and vice versa. Eight signals per hour are sufficient to extract sensitive information such as passwords or secret keys.
The attacker can use this method to directly control the actions of malware in the target PC and receive feedback.
This method permits breaking in through the security buffer apparent and retrieve data, simply by placing a suitable computer near servers where the data is stored—in this case, the biometric data of all the citizens of Israel.
The BitWhisper research was carried out by Mordechai Guri, a doctoral student and researcher at Cyber Security Center, under the guidance of the center’s director Prof. Yuval Elovici.