Many methods have failed in the effort to secure digital communications, but one has remained relatively reliable: Faraday cages. These metallic enclosures prevent all incoming and outgoing electrical charges, and have successfully been used in the past by those hoping to conceal their wireless communications. You may remember Chelsea Manning used a makeshift Faraday cage last year when she asked New York Times reporters to dump their phones in a microwave to prevent prying ears from listening in.
Despite their often unorthodox appearance, Faraday cages are largely considered an effective, if not extreme, additional step in securing communications. While many have utilized this technology for personal uses (A bar owner in the UK even created his own Faraday cage to keep drinkers off their phones), larger institutions like banks, governments, and other corporations turn to Faraday cages to house some of their most sensitive data. These systems also vary in size. Smaller Faraday cages and Faraday bags may be used for individuals while larger corporations may create entire Faraday conference rooms.
It appears, however, that these metal mesh cages may have a chink in their armor.
A new attack method laid out in two recently released papers from researchers at the Cyber Security Research Center in Ben Gurion University in Israel, show how data could potentially be compromised even when encased in a Faraday cage.
The extraction method, dubbed MAGNETO, works by infecting an "air-gapped" device—a computer that isn't connected to the internet—with a specialized malware called ODINI that regulates that device's magnetic fields. From there, the malware can overload the CPU with calculations, forcing its magnetic fields to increase. A local smartphone, (located a maximum of 12 to 15 centimeters from the computer) can then receive the covert signals emanating off the magnetic waves to decode encryption keys, credential tokens, passwords and other sensitive information.