A group of Israeli researchers have devised a method to cross what is known as the “air-gap,” a security precaution used to safeguard highly sensitive networks from the Internet by quarantining them. First, an intelligence agency could recruit an insider, or break in themselves, and insert a removable drive like a USB card. They would then use a small drone to extract the information obtained from the air-gapped network by relaying the data through the blinking light on the hard drive LED indicator. The hard drive LED indicator can be controlled from within the network at up to 6,000 blinks per second, and could therefore transmit data as fast as 4,000 bits per second—close to a megabyte every half hour—to a drone-mounted camera or telescopic lens peering in through a window.
The Cipher Take: Air-gapped, or non-Internet facing networks, tend to be used for the most sensitive networks. One of the more famous instances of crossing an air-gap was the Stuxnet worm, likely implanted into the computer networks at the Iran nuclear facility Natanz by a maintenance engineer from the German firm Siemens. Once the worm was within the network, its automated command and control kicked in, aggressively spreading and phoning home once it hit networks connected to the Internet. Since then, other ways of extracting information from air-gapped networks have been revealed, including electrometric, acoustic, and heat signature relays. The benefits of the hard drive LED indicator are that it would be stealthier, and relay more data, faster, over longer distances. The Morse-code-like blinking patterns do not halt while a computer is asleep, simply blinking anytime a program touches the hard drive, and does not require administration privileges to commence relay. Simple solutions to avoid your computer broadcasting your sensitive data: cover your LED indicator with tape or keep computers away from windows.
The Cipher Take: Air-gapped, or non-Internet facing networks, tend to be used for the most sensitive networks. One of the more famous instances of crossing an air-gap was the Stuxnet worm, likely implanted into the computer networks at the Iran nuclear facility Natanz by a maintenance engineer from the German firm Siemens. Once the worm was within the network, its automated command and control kicked in, aggressively spreading and phoning home once it hit networks connected to the Internet. Since then, other ways of extracting information from air-gapped networks have been revealed, including electrometric, acoustic, and heat signature relays. The benefits of the hard drive LED indicator are that it would be stealthier, and relay more data, faster, over longer distances. The Morse-code-like blinking patterns do not halt while a computer is asleep, simply blinking anytime a program touches the hard drive, and does not require administration privileges to commence relay. Simple solutions to avoid your computer broadcasting your sensitive data: cover your LED indicator with tape or keep computers away from windows.
https://www.thecipherbrief.com/
ΔΙΑΒΑΣΤΕ: https://isxys.blogspot.com/2016/06/air-gaped.html
No comments :
Post a Comment