Israeli breakthrough and special ops RFI
News and notes from around the federal IT community.
Researchers at Ben-Gurion University have discovered a way that hackers could access secure computers via a mobile phone without a cellular connection.
Israelis unveil off-line access 'breakthrough'
Researchers in the cybersecurity labs at Israel's Ben-Gurion University have found what they're calling a breakthrough method that can be used to remotely access critical infrastructure and federal computers without going online.
The method, dubbed AirHopper by researchers in a paper prepared for a conference on malware sponsored by the Institute of Electrical and Electronics Engineers, can access small sets of data from an isolated computer via a mobile phone without using a cellular or Wi-Fi network.
In other words, the technique circumvents the "air gap" isolation that some critical infrastructure providers and federal network operators rely on to protect sensitive information.
The technique takes advantage of radio frequencies generated by a computer's display screen to transmit data from the computer to a mobile phone, said Dudu Mimran, chief technology officer at Ben Gurion's cybersecurity labs. Mobile phones usually come equipped with FM radio receivers, and software can intentionally create radio emissions from the screen.
Mimran said AirHopper shows that textual and binary data can be taken from a physically isolated computer and moved to a mobile phone from as close as nine to as far as 20 feet away. Researchers said they revealed the technique at the conference because they wanted to start a discussion of how to mitigate the risk.
Special ops wants next-gen device-cracking tools
Special operations forces are looking for the next generation of devices that will allow them to quickly crack into computing devices retrieved on the battlefield, Defense Systems reports.
In a request for information, the Special Operations Command said it and other organizations within the Defense Department and intelligence community want to evaluate the latest tactical document and media exploitation tools and set strict time frames for what those tools can accomplish.