RAMBO attack uses RAM in air-gapped computers to steal data

Cybersecurity researchers at Ben-Gurion University of the Negev in Israel have devised a James Bond-style way to steal sensitive files from locked systems.

The method is called RAMBO (Radiation of Air-gapped Memory Bus for Offense) because it exploits the target computer’s RAM to steal data, using the electromagnetic radiation the memory generates during operation.

An air-gapped system is disconnected from the wider network and the internet. This is a (relatively) extreme measure that is reserved only for the most critical systems, those containing the most important data. So even if a user inadvertently introduces a piece of malware (for example, via a compromised USB device), the malware still has no way to transmit the data to the outside world (other than by copying the files directly to said USB, which is a whole other beast).

Defending air-gapped systems

In the RAMBO scenario, however, the malware manipulates the RAM so that its electromagnetic emissions carry the sensitive data to a receiver, which must be relatively close by.

The big caveat is still that a person has to be relatively close. Another caveat is that file transfers this way are relatively slow. Don’t expect to steal large files or databases, as it takes over two hours to download 1 megabyte of information (for the fossils among you – author included – that’s slower than dial-up).

The method can still be used to steal keystrokes, passwords, and other data that doesn’t take up too much space.

The best way to defend against this is to keep people away from valuable endpoints, the experts conclude.

Via BleepingComputer
