Hackers in movies and TV dramas always bring their own magical operations: a little brother or a little sister with a weird personality knocks a few lines of code, the bank vault is opened, and the secret information of the other party is also available.
However, hackers in real life are different-their energy is even stronger!
From the computer with no internet, no Bluetooth, and no external USB flash drive in the picture below, they can successfully steal data from the computer just by relying on the change of screen brightness.
All of this starts with Dr. Mordechai Guri, a professor at the Negev Cyber Security Research Center in Israel, who focuses on data transmission in the Air-Gap direction. The word Air-Gap, in layman's terms, means "getting things from the air."
What the hell? If people who study computers don't type the keyboard, why do they still specialize in spells? To
This is because his "spells" are not dealing with ordinary computers: the best way to prevent computers from being infected with viruses is to "physical isolation" without networking, Bluetooth, and data transmission. Many computers in factories, power stations, and confidential facilities are operated in this way in order to protect the safety of long-term operation.
In this case, conventional cyber attacks do not work. However, the goal of "fetching objects from space" is to obtain data from the attacked computer without physical contact. "Look at the brightness and get the data" is one of the methods of "getting things out of the air." In simple terms, subtle changes in the brightness of the computer screen can be used as codes to transmit information and steal relevant data.
The reason why you can get data through brightness changes is because people and cameras have different recognition of the display: whether your display is LCD, LED or OLED, you need thousands of RGB pixels to display an image. . The human eye sees an image made up of pixels, but the camera does not have a human visual system and only sees the pixels.
Although the red, green and blue colors of these pixels are fixed, the display screen can achieve color changes by controlling the brightness of the pixels. If you plant malware on a computer connected to a display, you can control the brightness of a pixel.
Assuming that the pixel is not bright to represent "0" and bright to represent "1", the data stolen by the software can be turned into binary code. Although it is difficult for the naked eye to capture the brightness change of this pixel, hackers can process the image through the camera and finally read the data.
假设像素不亮代表“ 0”而亮不代表“ 1”，则可以将由软件窃取的数据转换为二进制代码。尽管肉眼很难捕捉到该像素的亮度变化，但黑客可以通过相机处理图像并最终读取数据。
It's like one person in a military training team of 10,000 people who took the abduction. Because the team stood too close, it was really impossible to find who was the one. But if you want to take out the binoculars to look carefully, or even use the camera to give a close-up, you can still catch the "shunki boy".
However, Shun Kuai in the military training team is just a joke, but this "small bright spot" is much more terrifying: through the transmission of binary codes, the surveillance camera can obtain some key commands. This is a serious security threat to some important facilities that operate offline.
Imagine that if someone finds out the relevant code for "emergency shutdown" at a power station and uses it, it might be a power outage in the city, causing serious chaos.
Is it possible that the disconnection doesn't work? I can only use the computer with a black screen in the future? This is too ridiculous!
Don't worry, there is still good news here. Researchers believe that if the surveillance lens is upgraded, the abnormal brightness of the small RGB bright spots on the LCD screen can be captured, so that security personnel can know the related abnormality of the computer in advance.
Of course, the better anti-hacking method is still a physical method: don't you want to use a camera? I do not install a camera. Looking for data, there is no door. As long as the source of information output is cut off, there is naturally no concern about leaks.
But the good news is often the bad news: the camera stealing data is just in its infancy, and the technology code-named "MOSQUITO" (MOSQUITO) can already use computer speakers to transmit ultrasound to further transmit data. This "mosquito", as its name suggests, is really a big pest.
So it sounds, if I smash the headphones and speakers, wouldn’t it be foolproof?
Haha, you should know that another technology called AirHopper can also convert the noise of the computer's fan into code, and continue to leak.
Are you planning to remove the fan again? Don't worry, the sound waves generated by your mechanical hard drive can also be deciphered.
Even if you switch to a solid state drive, the magnetic field generated by your CPU will be detected by a nearby computer or mobile phone for further theft.
Even if you continue to toss the hardware, the computer always needs to be plugged in. If you are using a large power grid line, then congratulations, PowerHammer this technology happens to be able to read information through the current changes in the power grid line.
As an expert in the field of cyber security, Dr. Mordechai Guri has contributed a series of papers on "Retrieving from Space". Every few months, he can develop a new method of stealing data, and even the way of using the camera, now has a night vision version.
Even the time for other people to sleep is not let go, not only ordinary people, but even security personnel will feel big.
"It's not over yet!"
Some people may have this question: Dr. Guri has written so many papers, isn't he encouraging people to do bad things?
Of course not. Although Dr. Guri exposed a series of methods to "steal data," the magic is one foot high, and the road is high. The fundamental purpose of discovering vulnerabilities is to minimize the risks caused by vulnerabilities.
You must know that the final realization of all "fetching objects from space" ultimately requires offline operations in advance, through USB and hardware wiring, artificially implanting malicious software or creating loopholes, otherwise, these magical operations will not be achieved.
In some hacker-themed games, players sometimes have to perform some seemingly boring "turn on the device" link, but in fact they are performing similar operations to pave the way for various skills.
Therefore, the ultimate method of defending against these airborne operations is to conduct strict computer operation management. If the security of the facilities is in place, no strangers enter, and the person operating the computer does not carry foreign hardware, it is not easy to realize these operations.
However, I don't know how far the security offensive and defensive warfare will escalate in the future. The only certainty is that this battle will continue to be fought.
(The picture material in the text comes from the Internet and is only for learning and communication)