Cybercriminals are extremely sneaky when it comes to their scams. It's hard to predict which corners of the digital world they are lurking around.
That's why researchers are always trying to figure out future attacks before they actually occur. You're not going to believe the latest proof-of-concept attack, it's almost like a scene right out of Mission Impossible.
Researchers at a university in Israel discovered this potential hack of the future. It incorporates a sneaky, data-stealing drone.
How the latest proof-of-concept hack works
That's right, for this hack to work the scammer uses a drone to help steal information. But first, the targeted computer must be infected with malware that is planted via USB drive or SD card.
I know, I know, this is a super elaborate scheme. As we said earlier it's only proof-of-concept at this time, meaning it's feasible but has yet to be implemented.
How the attack would work is, the criminal infects an "air-gapped" computer with data-stealing malware. Air-gapped means the computer is never connected to the internet. These are typically used to store sensitive information that hackers can't get to online.
Once the malware is installed on the computer, a drone is sent to spy on it. That's because computers have a small Hard Drive LED indicator that the malware uses to send sensitive data through Morse type code. The drone records the code and bam, the hacker has stolen your information.
Watch this video to see what the attack would look like in action:
If the hacker doesn't have a drone, all hope is not lost. As long as the scammer has a direct line of site to the infected computer, they can record the flashing lights and steal the data.
One of the researchers in on the discovery told Wired that, "If an attacker has a foothold in your air-gapped system, the malware still can send the data out to the attacker. We found that the small hard drive indicator LED can be controlled at up to 6,000 blinks per second. We can transmit data in a very fast way at a very long distance."
The suggested defense against this type of attack is pretty simple. The discovering researchers say to follow these guidelines:
- Keep air-gapped computers in a secure room, away from any windows that a hacker could be spying through.
- If there are windows, place a cover over them that doesn't allow light to escape.
- Cover the computer's LED with a piece of tape so the flashing light can't be seen.
Again, this type of attack has yet to be implemented but we now know it's feasible. Keep checking in with our Happening Now section and we'll let you know of any updates. And remember, keep those air-gapped computers stealthy.