A few hours after dark one evening earlier this month, a small quadcopter drone lifted off from the parking lot of Ben-Gurion University in Beersheba, Israel. It soon trained its built-in camera on its target, a desktop computer's tiny blinking light inside a third-floor office nearby. The pinpoint flickers, emitting from the LED hard drive indicator that lights up intermittently on practically every modern Windows machine, would hardly arouse the suspicions of anyone working in the office after hours. But in fact, that LED was silently winking out an optical stream of the computer's secrets to the camera floating outside.

That data-stealing drone, shown in the video below, works as a Mr. Robot-style demonstration of a very real espionage technique. A group of researchers at Ben-Gurion's cybersecurity lab has devised a method to defeat the security protection known as an "air gap," the safeguard of separating highly sensitive computer systems from the internet to quarantine them from hackers. If an attacker can plant malware on one of those systems—say, by paying an insider to infect it via USB or SD card—this approach offers a new way to rapidly pull secrets out of that isolated machine. Every blink of its hard drive LED indicator can spill sensitive information to any spy with a line of sight to the target computer, whether from a drone outside the window or a telescopic lens from the next roof over.

"If an attacker has a foothold in your air-gapped system, the malware still can send the data out to the attacker," says Ben-Gurion researcher Mordechai Guri, who has spent years focusing on finding techniques for ferreting data out of isolated computer systems. "We found that the small hard drive indicator LED can be controlled at up to 6,000 blinks per second. We can transmit data in a very fast way at a very long distance."

Gap Attack

An air gap, in computer security, is sometimes seen as an impenetrable defense. Hackers can't compromise a computer that's not connected to the internet or other internet-connected machines, the logic goes. But malware like Stuxnet and the Agent.btz worm that infected American military systems a decade ago have proven that air gaps can't entirely keep motivated hackers out of ultra-