Petronella Blog Archive

Visit our New Blog

Hacking a Computer Through its Heat

Blog Post

Most of us know that computers generate heat, sometimes a significant amount, while performing various processes. But did you know that this heat can actually be used to hack computers; very secure ones, at that?

Many networks that house highly sensitive information use air-gapped systems to keep that information secure; journalists, credit card processing networks, and even the military. These systems are not online, so the only way that they can be hacked is through physical means, using flash drives or cables… Or so everyone thought…

Security researchers Mordechai Guri and his adviser Yuval Elovici out of the Israeli-based Ben Gurion University have found that heat emissions from the computer’s built-in sensors can be used to breach air-gapped systems so long as it is within 15 inches of an internet-connected system that is under the control of the hackers. The researchers have posted a demonstration of this breach online.

As you saw, both systems must have the malicious malware installed for a successful attack, and it is only able to siphon off about 8 bits of data over the course of an hour. This is not a lot of data but attackers could easily steal passwords or secret keys.

Additionally, as stated above, the wired computer must be closely located to the air-gapped system, but this is not unusual, especially now that other gadgets such as thermostats, printers and faxes are becoming more and more common. The researchers say in a paper detailing their work that they “expect this pioneering work to serve as the foundation of subsequent research, which will focus on various aspects of the thermal channel and improve its capabilities.” In fact, they are currently researching ways to increase the distance between the two computers.

So how is this done, exactly? Essentially, it’s the computer version of Morse code, wherein the wired computer uses increasing temperatures to communicate with the heat sensors of the air-gapped computer. The built-in sensors detect the changes and translate to binary code. The malware that the researchers designed takes normal temperature fluctuations into consideration and distinguishes those from the communicating fluctuations. A hacker could increase temperatures more than that one degree, as long as it is within reason, so as not to arouse suspicion.

As 007 as this sounds, there are actually other non-physical ways to communicate with air-gapped systems; however this is the only one discovered so far that allows for back-and-forth communication between the two computers. The Ben Gurion researchers used radio frequencies and a mobile phone to steal passwords, among other data, and Edward Snowden’s leaked documents showed that the NSA has been using the same (albeit slightly more sophisticated) radio hack to not only syphon off data from Iranian computers, but also to inject them malware. There is currently no proof that the NSA has used this newer thermal technique, but most likely, they have explored it, as well.