For years, researchers and spies have devised ways of getting malware to computers that are “air-gapped,” or physically isolated from external network connections.
Attacks like Stuxnet, the computer worm deployed against an Iranian nuclear facility a decade ago, shattered the myth that air-gapped systems are impenetrable fortresses. In that case, suspected U.S. and Israeli intelligence operatives crossed an air gap with malware that ultimately sabotaged centrifuges at a uranium enrichment plant. They also planted an idea in the head of Mikhail Davidov, an ethical hacker: Getting malicious code into an air-gapped computer is one thing, but how do you retrieve data from the network?
One possibility, it turns out, is in the radio spectrum. With a radio, antenna, and his own computer script, Davidov figured out how to use a signal emitted by an air-gapped computer’s graphics processing unit (GPU) to exfiltrate data. Davidov, the lead security researcher at Duo Labs, published a paper with his findings Wednesday and shared them exclusively with CyberScoop.
“I was thinking a lot about data exfiltration from air-gapped networks in general and what types of vectors there could be,” Davidov said. “Often times you have to speculate about what sophisticated actors [might] be doing in the field” to demonstrate something like this in a lab, he added.
The research invites the security community to think more about how barely noticeable signals emitted by machines might be used to attack them. For governments ..
Support the originator by clicking the read the rest link below.
