It's Getting Easier for Hackers to Spy on Your Computer When It's Offline

Researchers can get your passwords and tell what program you’re using with a wireless antenna.

The best way to defend against malicious hackers is to get ahead of them. That's why Alenka Zajić and Milos Prvulovic, security researchers at the Georgia Institute of Technology, are working on designing methods to spy on offline computer use by monitoring the low-power electromagnetic frequencies emitted by hardware in use.

Exploiting "side-channel signals," the unique electromagnetic frequencies that "leak" from circuits in use, has been discussed in security literature for decades. Recently, researchers in Tel Aviv designed a way to steal encryption keys by touching a wire to a laptop that was generating them.

It sounds scary, but the Tel Aviv researchers note that a few seconds of measurement with physical touch are needed with medium frequency signals, and a few hours with low-frequency signals. That's not exactly practical for hackers trying to get your information on the sly.

Zajić and Prvulovic improved upon this method, and in a recent demonstration at the 2014 IEEE/ACM International Symposium on Microarchitecture, they monitored keyboard activity from behind a wall with a wireless antenna.

It's all a little '70s cloak-and-dagger—think Gene Hackman in The Conversation—but according to Zajić, it works.

"The kind of information you collect mainly depends on the frequencies you're recording, and the lower the frequency, the farther they go, so a couple of metres shouldn't be a problem," she said. "In theory, with a bigger antenna, you can go even further."

The team's method is effective because of how it measures the electromagnetic signals coming from the laptop. Zajić and Prvulovic's approach, described in a forthcoming paper, involves identifying a pattern in the A/B frequency shifts that occur when one program action (A) is executed before another (B). An accurate reading can be established after just one second of measurement, once all frequencies unrelated to the desired information have been filtered out.

Previous methods computed A/B frequency differences after a potentially long monitoring period, using expensive equipment with high sampling rates. By analyzing repetition and looking for patterns instead, the new approach could allow hackers with inexpensive tools to gain information on everything from what programs you're using to your security keys.

"We came up with a very code, which is a loop," Zajić said. "In half of the period you do one instruction, and in the other you do another, and that creates the signal for any frequency I want, depending on how many instructions I have in a loop. That allows us to study what the relationship between the software and the hardware emanations."

Zajić and Prvulovic, et al.
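The A/B alternation loop and the one-second, single-frequency reading described above can be modelled in a short simulation. This is an added example, not the researchers' code: the emission levels, noise, 80 Hz alternation rate and 4 kHz sampling rate are constructed values, and the function names are hypothetical.

```python
import math
import random

def emission_trace(level_a, level_b, f_alt=80.0, fs=4000.0, seconds=1.0,
                   noise_sd=1.0, seed=1):
    """Constructed model of received amplitude: level_a for the first half of
    each alternation period, level_b for the second half, plus Gaussian noise."""
    rng = random.Random(seed)
    half = int(fs / (2 * f_alt))          # samples per half period
    trace = []
    for i in range(int(fs * seconds)):
        level = level_a if (i // half) % 2 == 0 else level_b
        trace.append(level + rng.gauss(0.0, noise_sd))
    return trace

def power_at(trace, freq, fs=4000.0):
    """Power in one DFT bin: keep `freq`, discard every other frequency."""
    w = 2 * math.pi * freq / fs
    re = sum(x * math.cos(w * i) for i, x in enumerate(trace))
    im = sum(x * math.sin(w * i) for i, x in enumerate(trace))
    return (re * re + im * im) / len(trace) ** 2

def leak_ratio(level_a, level_b, f_alt=80.0, fs=4000.0, noise_sd=1.0):
    """Power at the alternation frequency over the mean power of nearby
    control bins that carry only noise. Order 1 means A and B look alike."""
    trace = emission_trace(level_a, level_b, f_alt, fs, 1.0, noise_sd)
    controls = [f_alt + d for d in (-13, -7, 7, 13)]
    floor = sum(power_at(trace, f, fs) for f in controls) / len(controls)
    return power_at(trace, f_alt, fs) / floor

if __name__ == "__main__":
    # Different activities in the two loop halves: a strong spectral line.
    print("A/B differ:", round(leak_ratio(1.0, 2.0), 1))
    # Same activity in both halves: nothing stands out at that frequency.
    print("A/A same:  ", round(leak_ratio(1.0, 1.0), 1))
```

The same ratio is useful for checking a countermeasure: if a change to the hardware or software brings the A/B figure down to the A/A figure, the two activities are no longer distinguishable at that frequency in this model.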

"Typically, side channels are used to gain passwords and encryption keys, any information that you can't get easily," Zajić explained. "You can see that if you're typing or opening a program, they give off different electromagnetic emanations. So, if you record enough of them, you can identify which is which."

Don't freak out though, because side-channel monitoring of computer activity remains an uncommon, if not completely non-existent, exploit—for now, at least. The idea is to develop the technology and methodology in the research lab so that we can develop effective countermeasures against hackers using it against us.

One solution that Zajić and her colleagues are working on is a specialized frequency jammer that can be plugged into a laptop. For now, perhaps the easiest way to protect yourself is to keep an eye out for shady characters holding antennas under tables in coffee shops.