"Phreaky" Hacks You Should Know
Hackers can be extremely creative at getting around various types of security, but there may be some ways that are so far out there and crazy that many security professionals have not even heard of them. Some of these hacks are pure genius and they show us how someone with enough determination can get through nearly any type of security. If you can dream up a way to block an attack, someone out there can figure out a way around it.
Did you know that your computer monitors put out an electrical signal that can be picked up and displayed on another system not even connected to your network? This is a technique called Van Eck Phreaking. Although this used to only work on old CRTs, it has now been perfected to also work on flat screens on computers and cell phones. This technique requires some technical know how to set up radio equipment to receive signals and receive them on a PC to recreate the image on a monitor.
“Back in 1985, Wim Van Eck proved it was possible to tune into the radio emissions produced by electromagnetic coils in a CRT display and then reconstruct the image”
In another experiment researcher’s we were to grab data using the sound emitted by the cooling fans of a server. This sounds crazy but the details are explained in one of the articles I have linked to at the end of this article. It does require some very sophisticated methods to get a bit of malware onto the servers as well as a cell phone of someone nearby.
There are steps that can be taken to prevent even these types of attacks. On top of creating an air-gapped datacenter in which the data center does not have any connection to unsecured networks (like the internet), soundproofing and RF shielding can help prevent data from being leaked from secure systems. Policies must be put in place and followed such as not allowing cell phones in or near highly sensitive datacenters and absolutely no USB thumb drives should ever be connected without approval or verification that they are clean.