According to report, the Israeli security researchers at Ben-Gurion University has developed a techniques to steal data from any physically isolated devices by using LED indicators including Caps Lock, Num Lock and Scroll Lock keys on the Keyboard. This new techniques developed by Israeli specialists is known as CTRL-ALT-LED. Let’s take have a look at this new way to extract data in detail.
CTRL-ALT-LED Data Stealing Method: New Way to Extract Data from Isolated System
Researchers claim that there is need of pre-installation of malware on the targeted machine before using this new data stealing tool. CTRL-ALT-LED is just a way to gather data. Malware program by using custom data transfer protocol is capable to make LED indicators on USB connected Keyboard blinks at very high speed. However, attacker can record these flashes and then unlock the information using the same techniques that was used to lock the data. Moreover, Israeli researchers have tested CTRL-ALT-LED method on various devices like Smartphone, Smartwatch, cameras, surveillance cameras, light sensors and optical sensors.
Further statement of Israeli researchers about this method, hacker or attacker will required to be close to the System in order to record flashes using Smartwatch or Smartphone. On other hand, video surveillance Systems has a keyboard in sight which can also be used for data stealing purpose.
When we talk about experiments, specialists were able to extract data with the speed to 3000 bits/second using sensitive light sensors and about 120 bits/second in tests using conventional Smartphone camera. However, the speed might vary according to sensitivity of camera and distance on the keyboard while attacks don’t needs any modifications of keyboard at firmware or hardware levels.
Who are the Targets?
According to Cyber security experts, CTRL-ALT-LED Method is new way to extract data from the isolated devices including ike Smartphone, Smartwatch, cameras, surveillance cameras, light sensors and optical sensors. However, the main purpose of making this method is to attack the System which has high level of protection including government networks that stores sensitive information, or big company networks which has private information about intellectual rights. For any suggestions or queries, please write on comment box given below.