無論你認為你的電腦有多安全,其中一定存在著某種漏洞能被遠方不知名的駭客所利用,只要他們有心。位於以色列的本•古里安大學(Ben-Gurion University)電腦安全研究人員已經發現,藉由操控溫度感測器可駭入高度安全的「氣隙電腦」。
所謂的「氣隙電腦」指的是一種刻意與公眾網路或其它任何電腦隔離的電腦,目的是為了確保系統安全且資訊不會遭盜取。
此種電腦系統通常用於為零售商處理信用卡交易的金融支付網路、機密軍事網路或負責操控城市電網等國家重要基礎設施的工業控制系統。唯有實際接觸到機器本身才有可能從氣隙電腦中取出數據。 但現在電腦安全研究人員發現,如果兩台受氣隙技術隔離的電腦位在同一個房間且彼此距離不超過40公分(15英寸),便有可能可以操控電腦中控制散熱以防止過熱的溫度感測器。 BitWhisper 這項概念驗證(proof-of-concept)的駭客攻擊技術名為“BitWhisper”,要發動該項攻擊必須先於兩部電腦中植入惡意軟體,而此惡意軟體便能利用電腦內建的溫度感測器互相傳送指令或資料。 該研究團隊指出:「一台連上內部網路與另一台連上公眾網路的電腦擺在同一張桌子上,這樣的設置在許多企業組織內是相當常見的。」 美國Wired雜誌已預先取得研究團隊尚未刊登的論文。根據他們表示,該團隊研發的駭客技術運作原理類似於摩斯密碼(Morse code),並使用了熱脈衝訊號(thermal pings),也就是透過控制溫度的變化與另一台電腦溝通,而位於接收端的電腦會將溫差轉譯為二進位碼(1 or 0)。 例如,在特定時間內讓其中一台電腦溫度上升一度,相鄰的另一台電腦會將其識別為二進位的”1”;若回復到原來的溫度則視為”0”。 這項技術仍頗為原始,研究人員也表示目前一小時只能傳送8位元的數據,儘管如此仍已足夠傳送秘密金鑰或密碼。
研究團隊利用一台連上USB玩具飛彈發射器電腦向大家展示BitWhisper如何運作。在上方的影片中,可以看到他們利用溫度變化從連上公眾網路的電腦對氣隙電腦下指令控制飛彈發射器。
事實上這並非第一次有人試圖駭入氣隙電腦。被廣泛認為由美國家安全局(National Security Agency)和以色列合作開發的震網(Stuxnet)電腦蠕蟲便可藉由USB隨身碟在氣隙電腦間傳播。也有研究學者開發出利用電腦內建喇叭播放出只有麥克風能接收、人耳無法聽到的高頻率聲音來傳輸資訊。而本·古里安大學研究團隊在此之前便已開發出一項名為”AirHopper”的駭客技術,能夠透過FM廣播將病毒安裝到電腦或伺服器上,裝有AirHopper的手機便可透過FM連結該系統並盜取資料,再藉由手機網路回傳給駭客。 BitWhisper: It's possible to steal data from air-gapped computers using heat No matter how secure you think a computer is, there’s always a vulnerability somewhere that a remote attacker can utilize if they’re determined enough. Computer security researchers from Israel's Ben-Gurion University have discovered it is possible to steal data from highly secure air-gapped computers by manipulating the thermal sensors inside them. Air-gapped systems are computers deliberately isolated from connecting to the internet or any other computers in order to make sure they stay secure and data cannot be stolen from them. These systems are routinely used by financial payment networks to process credit card transactions for retailers, classified military networks or industrial control systems that operate important infrastructure like a city's electrical grid. The only way to remove data from an air-gapped computer is to physically access the machine. But now, security researchers have realised that if two air-gapped computers are located adjacent and within 40cm (15in) of each other in a room, it is possible to manipulate the machines' built-in thermal sensors that control heat emissions to prevent the computer from overheating. BitWhisper The proof-of-concept attack, named BitWhisper, requires both computers to have been compromised by malware, which then uses the thermal sensors to send commands or data from one air-gapped system to the other. “The scenario is prevalent in many organizations where there are two computers on a single desk, one connected to the internal network and the other one connected to the internet,” the researchers said. According to Wired, which has seen the as-yet-unreleased research paper, the technique discovered by the researchers is similar to Morse code and involves using thermal pings, ie controlled increases of heat to communicate with the other computer, which the receiving computer interprets as binary code (1 or 0). For example, raising the temperature of one computer by a single degree over a specified time period would be detected by the adjacent computer as a binary bit of '1'; returning it to the baseline temperature would be interpreted as a '0.' This technique is quite primitive and as such the researchers said it takes an hour to transmit just eight bits of data but this would still be sufficient to transmit a secret key or password. The researchers demonstrated BitWhisper using a computer with a USB missile-launcher toy attached. In the video above, they were able to send heat commands from the connected system over the air-gap to the isolated system and control the missile launcher. This isn't the first attempt to target air-gapped computers. The Stuxnet worm largely thought to have been developed by the U.S. National Security Agency and Israel jumped from computer to computer via compromised USB drives. Researchers have also come up with ways to transmit information between hacked computers using their built-in speakers to generate high-frequency sounds that can be heard by microphones but not ears. And Guri himself previously came up with an exploit called AirHopper that could use FM frequencies to install a virus onto a computer or server. The compromised phone then connects the system via the FM frequency, siphons the information out the server and uses the phone's network connection to transmit the stolen data back to hackers. 註: 1. 概念驗證(Proof of concept,簡稱POC)是對某些想法的一個較短而不完整的實現,以證明其可行性,示範其原理,其目的是為了驗證一些概念或理論。 2. 震網(Stuxnet),又稱作超級工廠,是一種Windows平台上的電腦蠕蟲。據報道,該蠕蟲病毒可能已感染並破壞了伊朗納坦茲的核設施,並最終使伊朗的布希爾核電站推遲啟動。 3. 電腦蠕蟲與電腦病毒相似,是一種能夠自我複製的電腦程式。與電腦病毒不同的是,電腦蠕蟲不需要附在別的程式內,可能不需使用者介入操作也能自我複製或執行。 資料來源 Source:International Business Times, Popular Science, SC Magazine UK, ExtremeTech, Wikipedia Your reaction 你的心情 |
傳臉書訊息給我CATEGORIES
|
lanceolate | |
Definition: | Tapering from a rounded base toward an apex. |
Synonyms: | lancelike |
Word of the Day
provided by TheFreeDictionary
Quote of the Day
I believe that if one always looked at the skies, one would end up with wings.
Gustave Flaubert (1821-1880) |
Quote of the Day
provided by The Free Library
Archives
過去文章
December 2016
November 2016
October 2016
September 2016
March 2016
May 2015
April 2015
March 2015
February 2015
January 2015
December 2014
November 2014
September 2014
August 2014
July 2014
June 2014
May 2014
April 2014
March 2014