Researchers have found a way to steal a PC’s data by using the mechanical noise coming from the hard disk drives inside.
It’s not a very practical hack, but the scheme has been designed for “air-gapped” systems, or computers that have been sectioned off from the Internet.
The researchers at Ben-Gurion University of the Negev in Israel have been studying how to use sound to extract information from air-gapped computers. In June, they showed that even a PC’s cooling fans can be controlled to secretly transmit data, including passwords and encryption keys.
In a new paper, the researchers found that a PC’s hard disk drive could also generate enough noise to do the same. They did this, by manipulating the drive’s internal mechanical arm, to generate binary signals.
Typically, the mechanical arm only reads and writes data within the hard drive. But when in use, it also creates a good deal of sound at different frequencies -- which the researchers decided to exploit.
They developed a piece of malware called “DiskFiltration” which can infect a Linux-based PC to control a hard disk drive’s operations. To record the emitted noise, the researchers placed a Samsung Galaxy S4 phone nearby to log and decrypt the signals.
They found that their hack could transmit enough 0s and 1s for a stream of data, including passwords. However, the transmission rate is quite slow at only 180 bits per minute, and the range is only effective at up to six feet.
Nevertheless, the method is covert. A hacker could infect an air-gapped system with a USB stick, and then secretly extract the data, by simply recording the nearby sounds.
To prevent this kind of hacking, owners of air-gapped owners can consider using solid-state drives, which have no moving parts, the researcher said.