Cyber crime is much sneakier than most people think. It is not limited to someone accessing your hotmail or Facebook account. it can take over your life. And gobble up your business.
There are various ways to access a computer that is offline. A term sometimes used for an offline computer is ‘air-gapped’, but for starters, a true air-gapped computer should never ever have been connected to the internet to minimise the chance that there is any software (code) on it that shouldn’t be on it. It should be brand-new, out of the box.
Unless you put it in a Faraday cage, some of the information on an offline computer can still be accessed although this is usually merely passive. It concerns information displayed on a screen or entered on a keyboard, for example. This can be accessed but not altered.
Here are a few technical articles for those who want some background:
- http://www.computerweekly.com/news/2240210388/Proof-of-concept-malware-jumps-air-gap-with-sound-card (article in Computer Weekly about how researchers at Germany’s Fraunhofer Institute showed that a computer’s sound card and built-in speakers can be used to transmit data);
- http://arxiv.org/abs/1411.0237v1 (link is to Cornell University);
- http://cyber.bgu.ac.il/content/how-leak-sensitive-data-isolated-computer-air-gap-near-mobile-phone-airhopper (link is to Cyber Security Lab at Ben Gurion University of the Negev).
- http://www.newscientist.com/article/dn24582-can-a-computer-virus-communicate-via-your-speakers.html (article in NewScientist).
Here is a really nice old video about it:
And this one, in German and much more recent, is quite clear too:
Here is another one:
In addition to the above, I see at least four more or less regular ways to access a computer and tamper with it:
– via cable or telephone line, directly;
– via cable or telephone line, using unused capacity on the line;
– wireless/wifi network;
– powerline networking.
In the case of powerline networking, there may be a need for that computer to have been hacked before it was taken offline. That also seems to be the case for at least one of the air-gap hopping methods.
It may also be possible to access printer memory via powerline networking and acquire information that way.
A computer does not have to be accessed through its operating system such as Windows, as is often thought. Computers can be accessed at a much more basic level as well, but it depends on the hardware and its settings.
Hackers can also purchase or build scanning equipment that can detect your mobile equipment. Phone hacking and spying software is available from regular retailers and its use has ‘reached epidemic proportions‘ (article in the Independent).
Here are four more articles, in The Independent and the Huffington Post:
- The rise of car hacking: In-car technology has led to thieves remotely taking over our vehicles
- Researcher shows how to hack (and crash) a passenger aircraft with an Android phone…
- Sim cards hacked: A single text that unlocks millions of mobiles
- NSA Hacked Offline Computers With Tiny USB Radios, Claims New York Times
If you are really intrigued now, read this article in NewScientist about new bugging devices.