A few years ago, the idea of using nothing more than a standard electrical outlet to hack into sensitive computer systems would be the stuff of Hollywood - and far-fetched, eye-rolling Hollywood at that.I can almost picture the scene: A wily Justin Long taps a few keys on his laptop and we watch the signal race through the power grid to his target, where a hapless government employee types his password into the ultra-secure computer at headquarters. Back with Long, we watch the password show up on his computer screen, as if by magic, thanks to his nifty hacking skills.
It sounds ridiculous.
But it turns out, well, it's basically a reality.
At the Black Hat USA conference later this month, hackers are preparing to unveil their methodology to steal information typed on a computer keyboard using nothing more than the power outlet to which the computer is connected.
The technique behind the exploit isn't as wildly high-tech as you might think, though. Old-fashioned electrical properties are the key to the trick. Here's how it works (in simple terms): When you type on a standard computer keyboard, electrical signals run through the cable to the PC. Those cables aren't shielded, so the signal leaks via the ground wire in the cable and into the ground wire on the computer's power supply.
The attacker connects a probe to a nearby power socket (perhaps in the vacant office next door or a hotel room across the hall), detects the ground leakage, and converts the signal back into alphanumeric characters. So far, the attack has proven successful using outlets up to about 15 meters away.
If you've got a wireless keyboard or are working on a laptop unplugged from the wall, which would make this attack useless, fret not: The hackers have a method for eavesdropping on you too. A simple laser beam -- better than a laser pointer, but not by much -- can be pointed a shiny object on the table where the computer sits, and the beam's reflection is captured by a receiving system. The vibration of that reflection caused by the striking of keys can be analyzed and, as with the electrical outlet system described above, reconstructed into words, since every key produces a unique vibration pattern. All this technique requires is a direct line of sight to the PC and a few hundred dollars worth of equipment.
Be safe out there, folks than be sorry...
No comments:
Post a Comment