Even Air-Gapped Computers Are Vulnerable To Attack

The Coronavirus pandemic period has seen a significant increase in cyber attacks, largely due to the growth in connectivity for many devices in remote and hybrid work settings. A common approach to try and frustrate these attacks is the most simple one of all - disconnect devices from the internet.  This approach known as “air gapping” is really easy.

If a device isn’t connected to the web, it can’t be attacked by hackers. This method is supported by the CIA, among many others, who recommend it as part of an organisation’s ransomware defenses. Now, it turns out not to be so simple. In fact, computer systems that are air-gapped and physically isolated from the outside world can still be attacked using lasers.

This has been demonstrated by IT security experts at Braunschweig University and the Karlsruhe Institute of Technology (KIT) who found that data can be transmitted to light-emitting diodes of regular office devices using a directed laser. Previous attempts to bypass air-gapping via electromagnetic, acoustic, or optical channels only work over short distances or at low data rates and this allows for data exfiltration only.

The Braunschweig researchers were able to  demonstrate that attackers can secretly communicate with air-gapped computer systems over distances of several meters. 

The Intelligent System Security Group at KIT, in cooperation with researchers from TU Braunschweig used a directed laser beam to simulate how a malicious adversary can introduce data into air-gapped systems and retrieve data without additional hardware on-side at the attacked device. "This hidden optical communication uses light-emitting diodes already build into office devices, for instance, to display status messages on printers or telephones," explains KIT's  Professor Christian Wressnegger

Light-emitting diodes (LEDs) can receive light, although they are not designed to do so. With a directed laser beam, an adversary can introduce data into air-gapped systems and retrieve data without additional hardware on-side at the attacked device. By directing laser light to already installed LEDs and recording their response, the researchers established a hidden communication channel over a distance of up to 25 meters that can be used bi-directionally. It reaches data rates of 18.2 kilobits per second inwards and 100 kilobits per second outwards.

Alarmingly, it appears that this optical attack technique  is possible in a normal office environment with the standard network and computer devices of the sort used at companies, universities and any other organisation.  

In addition to conventional information and communication technology security, it looks like critical IT systems need to be protected optically as well.

University of Braunschweig:    KIT:    Science Daily:       I-HLS:   CACM:    Reddit:      CPS-VO:     Cybernews

You Might Also Read: 

How To Secure Web Gateway & Web Filtering:
 

 

« Artificial Intelligence Distorts Government Decision-Making
Quantum Computing Raises As Many Problems As It Solves »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

IONU Security

IONU Security

IONU offer a security platform focused specifically on providing Data-centric Security.

WireX Systems

WireX Systems

WireX is an innovative network intelligence and forensics company that is changing the way businesses resolve cyber-attacks.

Ubisecure

Ubisecure

Ubisecure provide Identity & Access Management solutions.

App-Ray

App-Ray

App-Ray provides fully automated security analysis of mobile applications to find security issues, privacy breaches and data leaking potentials.

Hitachi Systems Security

Hitachi Systems Security

Hitachi Systems Security provides customized services for monitoring and protecting the most critical and sensitive IT assets in our clients’ infrastructures 24/7.

IDpendant

IDpendant

IDpendant offers a wide range of services, including authentication technology, client security products, single sign on systems, encryption solutions, card and mobile device management systems.

CSIRT-IE

CSIRT-IE

CSIRT-IE is the body within the NCSC that provides assistance to constituents in responding to cyber security incidents at a national level for Ireland.

Cansure

Cansure

Cansure is a leading insurance provider in Canada offering a broad range of property & casualty insurance solutions including Cyber & Data Breach insurance.

UMBRA

UMBRA

UMBRA is solely concerned with protecting governments against Nation State attacks. We are not a consumer or enterprise company.

Schweitzer Engineering Laboratories (SEL)

Schweitzer Engineering Laboratories (SEL)

SEL specializes in creating digital products and systems that protect, control, and automate power systems around the world.

Neptune Cyber

Neptune Cyber

Neptune is a cyber security company that works exclusively in the marine sector. Our team combines experts in shipbuilding, maintenance and operations and cyber security testing and design.

Cybersecurity Center for Secure Evolvable Energy Delivery Systems (SEEDS)

Cybersecurity Center for Secure Evolvable Energy Delivery Systems (SEEDS)

SEEDS conducts research and develops innovative cybersecurity technologies, tools, and methodologies that advance the energy sector’s ability to survive cyber incidents.

Network Coverage

Network Coverage

Network Coverage align, maintain, and integrate technology and cloud solutions with business operations to improve productivity and security with as few issues and disruptions as possible.

NetDescribe

NetDescribe

NetDescribe, part of Xantaro Group, advises and supports companies in building secure and stable IT environments.

Axiotrop

Axiotrop

AXIOTROP is a Cybersecurity firm offering leading services in assessment, remediation, and validation to protect the confidentiality, integrity, and availability of regulated information.

National Cyber Force (NCF) - UK

National Cyber Force (NCF) - UK

The National Cyber Force (NCF) is a partnership between defence and intelligence.