Why an unnetworked but powered-up drive can still leak data

For those of us looking to keep our most sensitive data safe, storing it on a drive that was unnetworked went a long way towards ensuring it was secure.

The logic behind this principal was pretty straightforward: data held on a piece of unnetworked storage media can only be accessed by those who can physically access it. In other words, hackers could not remotely access it and retrieve data held on these drives. Now, though, this may no longer be enough – provided the media is mains-powered.

A new technique, referred to in a recent report as the ‘PowerHammer’ method, makes it possible for data stored on an unnetworked drive to be accessed remotely provided the drive’s security was compromised previously. In other words, if the drive was infected with a version of Malware prior to it being removed from a network.

Via this malware, hackers can exploit current fluctuations in order to gain access to a device’s data from the lines supplying it with power or even the grid itself. If the former is used, data can be exchanged at a rate of 1,000 bits per second and 10 bits per second for the latter.

Whilst this method requires the device to have been compromised beforehand, will result in a slow transfer of data and is only slightly superior to previous methods in that no hardware needs to be attached to the device in question, it still serves as proof of the fact that keeping your data completely secure is no small task.

Yes, it’s unlikely to be used with any degree of frequency but the PowerHammer method serves as proof of the fact that, wherever a potential flaw exists, those with the inclination to do so will find both it and a way to exploit it. This method may be only mildly less difficult than HomePlug Powerline (which preceded it) but the fact that it effectively means that data can be transferred from an unnetworked drive without anyone having had physical contact with it is a tremendous breakthrough. Who would bet against it being possible for data to, one day, be remotely accessed from non-infected unnetworked drives? Maybe it’ll never happen; the point is PowerHammer makes it a more realistic possibility.

Above all else, this newly-developed method serves as proof of the fact that the need to be as vigilant as possible with regards to the protection of our most sensitive data cannot understated

Here's how Fields Data Recovery keeps its client's data safe at all times.

Comments

There is no comment for this post yet.