Even Air-Gapped Computers Are Vulnerable To Attack

The Coronavirus pandemic period has seen a significant increase in cyber attacks, largely due to the growth in connectivity for many devices in remote and hybrid work settings. A common approach to frustrating these attacks is the simplest one of all: disconnect devices from the internet. This approach, known as “air gapping”, is really easy.

If a device isn’t connected to the web, it can’t be attacked by hackers. This method is supported by the CIA, among many others, who recommend it as part of an organisation’s ransomware defenses. Now, it turns out not to be so simple. In fact, computer systems that are air-gapped and physically isolated from the outside world can still be attacked using lasers.

This has been demonstrated by IT security experts at Braunschweig University and the Karlsruhe Institute of Technology (KIT), who found that data can be transmitted to the light-emitting diodes of regular office devices using a directed laser. Previous attempts to bypass air-gapping via electromagnetic, acoustic, or optical channels only work over short distances or at low data rates, and they allow for data exfiltration only.

The Braunschweig researchers were able to demonstrate that attackers can secretly communicate with air-gapped computer systems over distances of several meters.

The Intelligent System Security Group at KIT, in cooperation with researchers from TU Braunschweig, used a directed laser beam to simulate how a malicious adversary can introduce data into air-gapped systems and retrieve data without additional hardware on the side of the attacked device. "This hidden optical communication uses light-emitting diodes already built into office devices, for instance, to display status messages on printers or telephones," explains KIT's Professor Christian Wressnegger.

Light-emitting diodes (LEDs) can receive light, although they are not designed to do so. With a directed laser beam, an adversary can introduce data into air-gapped systems and retrieve data without additional hardware on the side of the attacked device. By directing laser light at already installed LEDs and recording their response, the researchers established a hidden communication channel over a distance of up to 25 meters that can be used bi-directionally. It reaches data rates of 18.2 kilobits per second inwards and 100 kilobits per second outwards.

Alarmingly, it appears that this optical attack technique is possible in a normal office environment with the standard network and computer devices of the sort used at companies, universities and any other organisation.

In addition to conventional information and communication technology security, it looks like critical IT systems need to be protected optically as well.

University of Braunschweig | KIT | Science Daily | I-HLS | CACM | Reddit | CPS-VO | Cybernews
