Collaborate Disseminate
Bad news for fans of air-gapped security – researchers have outlined how it could be defeated by converting speakers into ultra-sonic transceivers. Continue reading Speakers can be used to jump air-gapped systems
Chances are, one of the first places you may have heard about an air gap computer was on TV. Olivia Pope on “Scandal” knows what air gap technology is. Elliot on “Mr. Robot” knows how to circumvent an air gap to gain access to h… Continue reading What Your Favorite TV Shows Get Right (and Hilariously Wrong) About Air Gap Technology
Who said that all computers are connected today? They are many classified environments where computers can simply never connect to the wild Internet. But sometimes, you need to install some pieces of software from online resources. The classic case is Python modules. Let’s take a practical example with the PyMISP which
[The post Installing Python Modules on Air-Gapped Hosts has been first published on /dev/random]
Continue reading Installing Python Modules on Air-Gapped Hosts
If a couple of generations of spy movies have taught us anything, it’s that secret agents get the best toys. And although it may not be as cool as a radar-equipped Aston Martin or a wire-flying rig for impossible vault heists, this DIY TEMPEST system lets you snoop on computers using secondary RF emissions.
If the term TEMPEST sounds familiar, it’s because we’ve covered it before. [Elliot Williams] gave an introduction to the many modalities that fall under the TEMPEST umbrella, the US National Security Agency’s catch-all codename for bridging air gaps by monitoring the unintended RF, light, or even …read more
Invisible data exfiltration from isolated networks Continue reading Using infrared cameras to break out of air-gapped networks
What high-tech, ultra-secure data center would be complete without dozens of video cameras directed both inward and outward? After all, the best informatic security means nothing without physical security. But those eyes in the sky can actually serve as a vector for attack, if this air-gap bridging exploit using networked security cameras is any indication.
It seems like the Cyber Security Lab at Ben-Gurion University is the place where air gaps go to die. They’ve knocked off an impressive array of air gap bridging hacks, like modulating power supply fans and hard drive activity indicators. The current work centers on …read more
Proof-of-concept malware called aIR-Jumper can be used to bypass air-gapped network protections and send data in and out of network. Continue reading Malware Steals Data From Air-Gapped Network via Security Cameras
If you are an organisation that is custodian of sensitive information or infrastructure, it would be foolhardy of you to place it directly on the public Internet. No matter how good your security might be, there is always the risk that a miscreant could circumvent it, and perform all sorts of mischief. The solution employed therefore is to physically isolate such sensitive equipment from the rest of the world, creating an air gap. Nothing can come in and nothing can go out, or so goes the theory.
Well, that’s the theory, anyway. [Davidl] sends us some work that punches …read more
Continue reading Getting Data Out Of Air-Gapped Networks Through The Power Cable
Researchers in the past have exfiltrated information through air gaps by blinking all sorts of lights from LEDs in keyboards to the main display itself. However, all of these methods all have one problem in common: they are extremely noticeable. If you worked in a high-security lab and your computer screen started to blink at a rapid pace, you might be a little concerned. But fret not, a group of researchers has found a new light to blink (PDF warning). Conveniently, this light blinks “randomly” even without the help of a virus: it’s the hard drive activity indication light. …read more
Continue reading Do you trust your hard drive indication light?
It is incredibly interesting how many parts of a computer system are capable of leaking data in ways that is hard to imaging. Part of securing highly sensitive locations involves securing the computers and networks used in those facilities in order to prevent this. These IT security policies and practices have been evolving and tightening through the years, as malicious actors increasingly target vital infrastructure.
Sometimes, when implementing strong security measures on a vital computer system, a technique called air-gapping is used. Air-gapping is a measure or set of measures to ensure a secure computer is physically isolated from unsecured …read more
Continue reading Hacking the Aether: How Data Crosses the Air-Gap
