Even Air-Gapped Computers Are Vulnerable To Attack

Uploaded on 2022-09-22 in TECHNOLOGY--Resilience, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The Coronavirus pandemic period has seen a significant increase in cyber attacks, largely due to the growth in connectivity for many devices in remote and hybrid work settings. A common approach to try and frustrate these attacks is the most simple one of all - disconnect devices from the internet.  This approach known as “air gapping” is really easy.

If a device isn’t connected to the web, it can’t be attacked by hackers. This method is supported by the CIA, among many others, who recommend it as part of an organisation’s ransomware defenses. Now, it turns out not to be so simple. In fact, computer systems that are air-gapped and physically isolated from the outside world can still be attacked using lasers.

This has been demonstrated by IT security experts at Braunschweig University and the Karlsruhe Institute of Technology (KIT) who found that data can be transmitted to light-emitting diodes of regular office devices using a directed laser. Previous attempts to bypass air-gapping via electromagnetic, acoustic, or optical channels only work over short distances or at low data rates and this allows for data exfiltration only.

The Braunschweig researchers were able to  demonstrate that attackers can secretly communicate with air-gapped computer systems over distances of several meters. 

The Intelligent System Security Group at KIT, in cooperation with researchers from TU Braunschweig used a directed laser beam to simulate how a malicious adversary can introduce data into air-gapped systems and retrieve data without additional hardware on-side at the attacked device. "This hidden optical communication uses light-emitting diodes already build into office devices, for instance, to display status messages on printers or telephones," explains KIT's  Professor Christian Wressnegger

Light-emitting diodes (LEDs) can receive light, although they are not designed to do so. With a directed laser beam, an adversary can introduce data into air-gapped systems and retrieve data without additional hardware on-side at the attacked device. By directing laser light to already installed LEDs and recording their response, the researchers established a hidden communication channel over a distance of up to 25 meters that can be used bi-directionally. It reaches data rates of 18.2 kilobits per second inwards and 100 kilobits per second outwards.

Alarmingly, it appears that this optical attack technique  is possible in a normal office environment with the standard network and computer devices of the sort used at companies, universities and any other organisation.  

In addition to conventional information and communication technology security, it looks like critical IT systems need to be protected optically as well.

University of Braunschweig:    KIT:    Science Daily:       I-HLS:   CACM:    Reddit:      CPS-VO:     Cybernews

You Might Also Read: 

How To Secure Web Gateway & Web Filtering:
 

 

« Artificial Intelligence Distorts Government Decision-Making
Quantum Computing Raises As Many Problems As It Solves »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Packet Storm

Packet Storm

Packet Storm is an online resource for security tools, whitepapers, exploits, and advisories on computer security issues.

BSA - The Software Alliance

BSA - The Software Alliance

BSA is the leading advocate for the global software industry before governments and in the international marketplace.

Cambridge Cybercrime Centre

Cambridge Cybercrime Centre

The Cambridge Cybercrime Centre is a multi-disciplinary initiative combining expertise from the Department of Computer Science and Technology, Institute of Criminology and Faculty of Law.

AVANTEC

AVANTEC

AVANTEC is the leading Swiss provider of IT security solutions in the areas of cloud, content, network and endpoint security.

Fireblocks

Fireblocks

Fireblocks is a digital asset security platform that helps financial institutions protect digital assets from theft or hackers.

Campus cyber

Campus cyber

A project initiated by the President of the Republic, the Cyber Campus is the totem site of cybersecurity that brings together the main national and international players in the field.

Strivacity

Strivacity

Strivacity lets brands quickly add secure login and identity management capabilities to their customer-facing applications without tying up an army of developers or consultants to do it.

Cybastion

Cybastion

Cybastion develops robust world-class cybersecurity solutions tailored to suit the needs of different businesses, governments and public sector entities.

Beround

Beround

Beround is an IT consultancy firm specialized in software testing.

Wired Assurance

Wired Assurance

Wired Assurance is a testing and assurance company, specialized in software applications and blockchain smart contracts.

Third Wave Innovations

Third Wave Innovations

Third Wave Innovations (formerly RCS Secure) offers a full spectrum of cybersecurity safeguards and IT services.

Cloudaeris

Cloudaeris

Cloudaeris is a trusted Microsoft Partner, and we've got what it takes to make your business more efficient and agile.

Hiya

Hiya

Hiya's mission is to secure voice with trust, identity and intelligence. We're protecting people from spam and fraud calls, and helping carriers secure their networks for all.

Zeroday Ops

Zeroday Ops

At ZeroDay Ops, our vision is to democratize cybersecurity by making enterprise-grade vulnerability assessment accessible, continuous, and actionable for every organization in the digital world.

Cyberdise

Cyberdise

Cyberdise is an AI-driven cybersecurity awareness solution designed for companies with complex security requirements.

Gray Swan

Gray Swan

Gray Swan is the safety and security provider for the AI era, founded by world leading experts in the AI safety and security space.