Even Air-Gapped Computers Are Vulnerable To Attack
The Coronavirus pandemic period has seen a significant increase in cyber attacks, largely due to the growth in connectivity for many devices in remote and hybrid work settings. A common approach to try and frustrate these attacks is the most simple one of all - disconnect devices from the internet. This approach known as “air gapping” is really easy.
If a device isn’t connected to the web, it can’t be attacked by hackers. This method is supported by the CIA, among many others, who recommend it as part of an organisation’s ransomware defenses. Now, it turns out not to be so simple. In fact, computer systems that are air-gapped and physically isolated from the outside world can still be attacked using lasers.
This has been demonstrated by IT security experts at Braunschweig University and the Karlsruhe Institute of Technology (KIT) who found that data can be transmitted to light-emitting diodes of regular office devices using a directed laser. Previous attempts to bypass air-gapping via electromagnetic, acoustic, or optical channels only work over short distances or at low data rates and this allows for data exfiltration only.
The Braunschweig researchers were able to demonstrate that attackers can secretly communicate with air-gapped computer systems over distances of several meters.
The Intelligent System Security Group at KIT, in cooperation with researchers from TU Braunschweig used a directed laser beam to simulate how a malicious adversary can introduce data into air-gapped systems and retrieve data without additional hardware on-side at the attacked device. "This hidden optical communication uses light-emitting diodes already build into office devices, for instance, to display status messages on printers or telephones," explains KIT's Professor Christian Wressnegger.
Light-emitting diodes (LEDs) can receive light, although they are not designed to do so. With a directed laser beam, an adversary can introduce data into air-gapped systems and retrieve data without additional hardware on-side at the attacked device. By directing laser light to already installed LEDs and recording their response, the researchers established a hidden communication channel over a distance of up to 25 meters that can be used bi-directionally. It reaches data rates of 18.2 kilobits per second inwards and 100 kilobits per second outwards.
Alarmingly, it appears that this optical attack technique is possible in a normal office environment with the standard network and computer devices of the sort used at companies, universities and any other organisation.
In addition to conventional information and communication technology security, it looks like critical IT systems need to be protected optically as well.
University of Braunschweig: KIT: Science Daily: I-HLS: CACM: Reddit: CPS-VO: Cybernews:
You Might Also Read:
How To Secure Web Gateway & Web Filtering: