Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
Can cybercriminals jump your air gap?
Can cybercriminals jump your air gap?
harlan4096 Online
MalWare Zoo Team
*******
Posts: 16,174
Threads: 10,271
Thanks Received: 9,342 in 7,488 posts
Thanks Given: 10,307
Joined: 12 September 18
#1
Lightbulb  16 June 20, 15:27
Quote:
[Image: jumping-over-air-gap-featured.jpg]

Even if a computer is physically isolated, data can be stolen from it using some very unusual methods.

Internet equals troubles. That’s why one of the most radical ways to secure a computer storing extremely valuable information or controlling a critical process is never to connect it to the Internet, or maybe not to connect it to any network at all, even a local one. Such physical isolation is known as an air gap.

No connection, no problem, right? Unfortunately, that is not entirely true — some cunning ways exist to exfiltrate data even from an air-gapped device. A group of researchers at Israel’s Ben-Gurion University, headed by Mordechai Guri, specializes in such data-theft methods. We explain what they’ve found and whether you (and we) need to worry.

How to jump an air gap

That air-gapped systems are vulnerable is not news — supply-chain attacks and bribed insiders are still entirely possible. The simplest attacks use an infected flash drive, for example; that’s how the legendary Stuxnet began.

Okay, so the computer gets infected, but how can someone exfiltrate data without an Internet connection?

That’s where inventiveness meets physics. A computer may be physically isolated and not transmit any signals outside over networks, but it still generates heat, magnetic fields, and noise. It is through such nonobvious channels that someone can siphon off information.

Ultrasound

Even a computer without speakers or audio equipment is capable of making sounds in the 20 Hz–24 KHz range (if, for example, you change the frequency of the power supply). What’s more, even a device without a separate microphone can eavesdrop, because speakers or headphones can be manipulated to perform the role. A significant portion of the abovementioned range (18 KHz–24 KHz, to be precise) is outside the limits of human hearing, a quality that can be of use in various interesting ways. At home, for example, using that range can activate a smart speaker.

More relevant in this case, someone can infect a computer with malware that encodes the target information and transmits it by ultrasound. This in turn gets picked up by another infected device nearby (for example, a smartphone), and transferred to the outside world. Other methods researchers have discovered exploit the sounds made by computer fans and hard drives.
...
Continue Reading
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
K-Lite Codec Pack 19.6.6 / 19.6.7 Update
Changes in 19.6.6:...harlan4096 — 07:37
AdGuard for iOS 4.5.19
AdGuard for iOS 4....harlan4096 — 07:35
Adobe Acrobat Reader DC 26.001.21431
Adobe Acrobat Read...harlan4096 — 07:34
360 Total Security 11.0.0.1314
11.0.0.1314 Apr 8,...harlan4096 — 07:33
HWiNFO v8.46
HWiNFO v8.46 Re...harlan4096 — 07:31

[-]
Birthdays
Today's Birthdays
avatar (43)cdoubapKit
avatar (38)lystraPonia
avatar (31)smith8395john
Upcoming Birthdays
avatar (45)wapedDow
avatar (49)oapedDow
avatar (42)Sanchowogy
avatar (44)techlignub
avatar (43)Stevenmam
avatar (50)onlinbah
avatar (50)fuspeukChark
avatar (44)werriewWaiNg
avatar (38)Freemanleo
avatar (51)steakelask
avatar (45)Termoplenka
avatar (43)bycoPaist
avatar (49)pieloKat
avatar (43)ilyagNeexy
avatar (51)donitascene
avatar (51)Toligo
avatar (38)RobertUtelt

[-]
Online Staff
harlan4096's profile harlan4096
Administrator

>