It may not be the most efficient way to steal data from an organisation, let alone the most practical, but researchers at Ben-Gurion University in Israel have once again detailed an imaginative way to exfiltrate information from an air-gapped computer.

And this time they haven’t done it by listening to a PC’s fan, or watching the blinking LED lights on a hard drive or even picking up FM radio waves.

On this occasion the team of boffins have devised and demonstrated a method for stealing data by watching out for tiny changes to the brightness of the targeted computer’s LCD screen – imperceptible by the human eye.

As the researchers describe in a white paper, the so-called BRIGHTNESS technique doesn’t attempt to steal information actually displayed on an air-gapped computer’s monitor, but instead collects data being sent surreptitiously through manipulations of the screen’s brightness – by malware pre-installed on the computer.

“This covert channel is invisible and it works even while the user is working on the computer. Malware on a compromised computer can obtain sensitive data (e.g., files, images, encryption keys and passwords), and modulate it within the screen brightness, invisible to users. The small changes in the brightness are invisible to humans but can be recovered from video streams taken by cameras such as a local security camera, smartphone camera or a webcam.”

In a video demonstration, the researchers show how it was possible to exfiltrate the text of A A Milne’s children’s classic “Winnie the Pooh” through the method.

This is all very clever. But what it isn’t, of course, is very practical.

And one of the main reasons for that is that the targeted computer has to have been already compromised in the first place before then trying to transmit (Read more...)