Even Air-Gapped Computers Are Vulnerable To Attack

The Coronavirus pandemic period has seen a significant increase in cyber attacks, largely due to the growth in connectivity for many devices in remote and hybrid work settings. A common approach to frustrating these attacks is the simplest one of all: disconnect devices from the internet. This approach, known as “air gapping”, is really easy.

If a device isn’t connected to the web, it can’t be attacked by hackers. This method is supported by the CIA, among many others, who recommend it as part of an organisation’s ransomware defenses. Now, it turns out not to be so simple. In fact, computer systems that are air-gapped and physically isolated from the outside world can still be attacked using lasers.

This has been demonstrated by IT security experts at Braunschweig University and the Karlsruhe Institute of Technology (KIT), who found that data can be transmitted to the light-emitting diodes of regular office devices using a directed laser. Previous attempts to bypass air-gapping via electromagnetic, acoustic, or optical channels work only over short distances or at low data rates, and they allow for data exfiltration only.

The Braunschweig researchers were able to demonstrate that attackers can secretly communicate with air-gapped computer systems over distances of several meters.

The Intelligent System Security Group at KIT, in cooperation with researchers from TU Braunschweig, used a directed laser beam to simulate how a malicious adversary can introduce data into air-gapped systems and retrieve data without additional hardware on-site at the attacked device. "This hidden optical communication uses light-emitting diodes already built into office devices, for instance, to display status messages on printers or telephones," explains KIT's Professor Christian Wressnegger.

Light-emitting diodes (LEDs) can receive light, although they are not designed to do so. With a directed laser beam, an adversary can introduce data into air-gapped systems and retrieve data without additional hardware on-site at the attacked device. By directing laser light at already installed LEDs and recording their response, the researchers established a hidden communication channel over a distance of up to 25 meters that can be used bi-directionally. It reaches data rates of 18.2 kilobits per second inwards and 100 kilobits per second outwards.

Alarmingly, it appears that this optical attack technique is possible in a normal office environment with the standard network and computer devices of the sort used at companies, universities and any other organisation.

In addition to conventional information and communication technology security, it looks like critical IT systems need to be protected optically as well.

Sources: University of Braunschweig, KIT, Science Daily, I-HLS, CACM, Reddit, CPS-VO, Cybernews
