Wednesday, March 08, 2017

Your computer's blinking LED lights are putting you at risk of hacks

By Mark Jones on Komando.com (Feb. 24):

Cybercriminals are extremely sneaky when it comes to their scams. It's hard to predict which corners of the digital world they are lurking around.

That's why researchers are always trying to figure out future attacks before they actually occur. You're not going to believe the latest proof-of-concept attack, it's almost like a scene right out of Mission Impossible.

Researchers at a university in Israel discovered this potential hack of the future. It incorporates a sneaky, data-stealing drone.

How the latest proof-of-concept hack works

That's right, for this hack to work the scammer uses a drone to help steal information. But first, the targeted computer must be infected with malware that is planted via USB drive or SD card.

I know, I know, this is a super elaborate scheme. As we said earlier it's only proof-of-concept at this time, meaning it's feasible but has yet to be implemented.

How the attack would work is, the criminal infects an "air-gapped" computer with data-stealing malware. Air-gapped means the computer is never connected to the internet. These are typically used to store sensitive information that hackers can't get to online.

Once the malware is installed on the computer, a drone is sent to spy on it. That's because computers have a small Hard Drive LED indicator that the malware uses to send sensitive data through Morse type code. The drone records the code and bam, the hacker has stolen your information.  [read more]

Scary. Basically, to avoid this attack you make sure the LED isn’t visible and be careful of inserting any USB drive and SD card that you aren’t familiar with—that’s the probably the most important caution.

No comments: