Cybersecurity researchers at Ben-Gurion University of the Negev in Israel have come up with a James Bond-style method for stealing sensitive files from isolated systems.
The method is called RAMBO (short for Radiation of Air-gapped Memory Bus for Offense) because it abuses the target computer's RAM to steal data by taking advantage of the electromagnetic radiation generated by the memory while it is running.
An isolated system is disconnected from the wider network and the Internet. This is a (relatively) extreme measure reserved for only the most critical systems, containing the most important data. Thus, even if a user inadvertently introduces a malicious program (for example, via an infected USB device), the malicious program would have no way of transmitting the data to the outside world (except by copying the files directly to the USB device, which is a completely different matter).
Defense of air-gapped systems
However, in this scenario, the malware would alter RAM components to allow a recipient, who must be relatively close, to extract sensitive data.
The big drawback remains the fact that a person would have to be relatively close. Another drawback is that file transfer done this way is relatively slow. Don't expect to steal large files or databases, as it takes over two hours to download 1 megabyte of information (for the fossils among you – including the author – that's slower than dial-up).
The method could still be used to steal keystrokes, passwords or other data that doesn't take up too much space.
The best way to defend against these things is to simply not let people near valuable endpoints, experts conclude.
Through Computer beeping
