Ghost in the Machine: Unveiling the Hidden Dangers of Processor Manipulation

Think your offline computer is safe from hackers? Think again, because not even air-gapped systems are beyond their reach anymore!

Hackers have developed a novel method to extract data from software that is supposed to be completely isolated from the internet. This new approach exploits the ability to adjust the speed of a computer’s processor — essentially encoding data in the processor's performance fluctuations which can then be stealthily transmitted.

Such tactics could bypass stringent security measures like air-gapping, where devices are kept offline to prevent data breaches. Researchers at Boise State University have demonstrated that even with robust firewalls and security policies, sensitive data can be siphoned off by manipulating the duty cycles of CPU processors, achieving data transfer rates of about 55 bits per second.

This method uses the Intel processor’s feature to vary power usage for saving energy or boosting performance, turning it into a covert channel for data leakage. This alarming discovery underscores a significant oversight in cybersecurity defenses, where even the most secure systems aren't impervious to breaches.

Read the full article on New Scientist.

----