| Recurring |
one_organization, multiple_organization |
(a) The software failure incident related to stealing data from air-gapped computers using sound emitted by cooling fans has happened again at the Cyber Security Research Center at Ben-Gurion University in Israel. The researchers at the lab have previously designed three attacks using various methods to extract data from air-gapped machines, and now they have found another way to undermine air-gapped systems using the sound emitted by cooling fans inside computers [45000].
(b) The software failure incident related to stealing data from air-gapped computers using sound emitted by cooling fans has also happened at other organizations or with their products and services. The article mentions that the attack, like all previous ones the researchers have devised for air-gapped machines, requires the targeted machine to be infected with malware. Real-world attacks like Stuxnet and Agent.btz have shown how sensitive air-gapped machines can be infected via USB drives, indicating that this type of attack could potentially be used by attackers targeting multiple organizations [45000]. |
| Phase (Design/Operation) |
design, operation |
(a) The article discusses a software failure incident related to the design phase. The incident involves the development of a proof-of-concept malware called Fansmitter, which manipulates the speed of a computer's fans to transmit data using sound signals [45000]. This failure is attributed to the researchers at Ben-Gurion University who designed the malware as part of their research on extracting data from air-gapped systems by exploiting the sound emitted by cooling fans inside computers.
(b) The article also mentions a software failure incident related to the operation phase. In this incident, attackers would need to infect the smartphone of someone working near the targeted machine using malware designed to detect and decode the sound signals transmitted by the manipulated fans, and then send the extracted data to the attacker via SMS, Wi-Fi, or mobile data transfers [45000]. This failure is linked to the operation or misuse of the system, as the attackers exploit the proximity of smartphones to the air-gapped machines to receive the stolen data. |
| Boundary (Internal/External) |
within_system |
(a) within_system: The software failure incident described in the articles is primarily within the system. The attack on air-gapped systems using the sound emitted by cooling fans inside computers involves manipulating the speed or frequency of the fans to transmit data to nearby smartphones or computers [45000]. This manipulation is done through malware called Fansmitter, which infects the targeted machine to control the fan speed and transmit data. The attack requires the targeted machine to be infected with this malware, showcasing that the failure originates from within the system itself. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident related to non-human actions in the articles is the attack on air-gapped systems using the sound emitted by the cooling fans inside computers. The attack, known as Fansmitter, involves manipulating the speed of a computer's fans to transmit data to a nearby smartphone or computer without human participation [45000]. This attack is a form of software failure that exploits a vulnerability in the hardware (cooling fans) to extract sensitive data from air-gapped systems.
(b) The software failure incident related to human actions in the articles is the need for the attacker to infect the targeted machine with malware, such as Fansmitter, in order to carry out the attack using the sound emitted by the cooling fans. Additionally, the attacker would need to infect the smartphone of someone working near the machine to receive the sound signals, which involves human actions in deploying malware and infecting devices [45000]. |
| Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident related to hardware can be seen in the article where researchers in Israel found a way to steal data from air-gapped computers using the sound emitted by the cooling fans inside computers. This attack involves manipulating the speed of the computer's fans to transmit data to a nearby smartphone or computer, with different speeds representing binary ones and zeroes of the data they want to extract. The attack, named Fansmitter, requires the targeted machine to be infected with malware that manipulates the fan speed [45000].
(b) The software failure incident related to software can be observed in the same article where the attack on air-gapped computers involves the use of malware called Fansmitter to manipulate the speed of the computer's fans. This malware is used to transmit data by changing the fan speed, representing binary ones and zeroes of the data being extracted [45000]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident described in the articles is malicious in nature. The incident involves a group of researchers in Israel who have developed a method to steal data from air-gapped computers using the sound emitted by the cooling fans inside computers. This attack, known as Fansmitter, requires infecting the targeted machine with malware that manipulates the speed of the fans to transmit data to a nearby smartphone or computer. The attackers need to infect the smartphone of someone working near the machine to receive the sound signals and decode them. This method is designed to bypass security measures in high-security environments that require sensitive systems to be air-gapped and have external and internal speakers removed or disabled to create an "audio gap" ([45000]). |
| Intent (Poor/Accidental Decisions) |
unknown |
The articles do not provide information about a software failure incident related to poor_decisions or accidental_decisions. |
| Capability (Incompetence/Accidental) |
unknown |
(a) The articles do not mention any software failure incident related to development incompetence.
(b) The software failure incident described in the articles is related to an intentional attack on air-gapped systems by exploiting the sound emitted by cooling fans inside computers. This attack was not accidental but rather a deliberate attempt by researchers to undermine air-gapped systems and steal data [45000]. |
| Duration |
unknown |
The articles do not provide information about a software failure incident being either permanent or temporary. |
| Behaviour |
value, other |
(a) crash: The articles do not mention any software failure incident related to a crash where the system loses state and does not perform any of its intended functions.
(b) omission: The articles do not mention any software failure incident related to omission where the system omits to perform its intended functions at an instance(s).
(c) timing: The articles do not mention any software failure incident related to timing where the system performs its intended functions correctly, but too late or too early.
(d) value: The software failure incident described in the articles involves the system performing its intended functions incorrectly. The incident involves stealing data from air-gapped computers using the sound emitted by cooling fans inside computers. The attack manipulates the speed of the fans to transmit data, with different speeds representing binary ones and zeroes of the data the attackers want to extract [45000].
(e) byzantine: The software failure incident described in the articles does not involve the system behaving erroneously with inconsistent responses and interactions.
(f) other: The behavior of the software failure incident described in the articles involves a unique method of data theft using sound waves emitted by cooling fans inside computers, which is not covered by the options provided. |