This is probably the most creative way to steal data that I have ever seen. We all know the most effective way to protect any computer: you just have to cut off the Internet connection and make sure that unauthorized persons do not have physical access to the machine. However, hackers have found a way around this. It turns out that there is malicious software that uses the HDD activity LED to transmit sensitive data.
How is it possible? A drone with a camera is used to read the data. The whole idea somewhat resembles Morse code. It is not a fast way to transmit data, but it is enough to steal confidential information. After all, logins, passwords, security keys and credit card information do not take up much space. Security experts have been able to force the hard drive LED to light up for periods of 1/5 of a millisecond. They also used simple OOK (on-off keying) modulation to transmit the data: when the LED is on, a “1” bit is transmitted, and when it is off, a “0”. This gives a data rate of up to 5 kbps.
In practice, the maximum transmission speed is 4 kbps.
This is enough for cybercriminals to steal the relevant data. The real limitation is the refresh rate of the camera. Using a typical smartphone, security experts achieved speeds of 60 bps. The GoPro camera, on the other hand, was able to capture data transmitted twice as fast (i.e. 120 bits per second). However, the best results were given by Samsung’s special photodiode, which was able to respond to high-frequency LED flashes. Fortunately, all is not lost.
Cybercriminals first have to infect a computer that is isolated from the network.
Therefore, companies should also take care of traditional computer security. Employees must also be aware of the dangers posed by the use of external media. Hackers can infect a machine that is not connected to any network in a variety of ways. They can do it in person or use an unwitting employee. This is exactly how the Agent.btz virus attacked the computers of the United States Army. It was propagated via USB flash drives and SD cards.
There is a very simple way to protect yourself from the described attack. Just in case, you only have to hide the computer under the desk and cover the diodes. In the end, the simplest methods are the best.