Mordechai Guri from the abovementioned Ben Gurion University of the Negev (BGU) in Israel has recently published a new ‘data exfiltration’ paper detailing an unexpectedly effective way of sneaking very small amounts of data out of a cabled network without using any obvious sort of interconnection.

This one is entitled LANTENNA: Exfiltrating Data from Air-Gapped Networks via Ethernet Cables, and it’s the latest of many BGU publications in recent years dealing with a tricky problem in cybersecurity, namely…

…how to split a network into two parts, running at different security levels, that can nevertheless co-operate and even exchange data when needed, but only in strictly controlled and well-monitored ways.

Physically disconnecting the two networks so that human intervention is needed to move data between them seems like an obvious solution, creating the proverbial “airgap” mentioned in the title of Guri’s paper.

Typically, this also means disallowing “free air” communications protocols such as Bluetooth and Wi-Fi, at least on the more secure side of the network, so that any interconnection points genuinely require some sort of physical interaction.

You might, however, allow (possibly limited) wireless technologies on the less secure side of the network, as long as no emanations from the insecure side can be received, whether by accident or design, on the secure side, and as long as there aren’t any detectable emanations at all from the secure side that could be picked up on the insecure side.

At one time, physical airgaps such as plugging a network cable into a special socket, or using a carefully vetted USB device in a specific USB port, were considered a good solution to this problem, although even USB-based airgaps can sometimes be breached, as anyone who has studied the infamous Stuxnet virus will know.

Stuxnet was programmed to damage a specific piece of industrial control equipment if ever it found itself running on a computer that was hooked up in the right way to the right sort of device.

For the longest time, no one could work out what the “right” (or wrong) sort of equipment was, because the virus didn’t identify the hardware by name but merely by some arbitrary characteristics that needed to match.

The puzzle was a bit like trying to find a single person on earth based only on a partial fingerprint and their approximate age.

Eventually, a device was tracked down that matched the “does it look like the one we want?” rule coded into Stuxnet, and it turned out to be a type of industrial centrifuge (used for separating tricky substances with nearly-but-not-quite-identical characteristics, such as different isotopes of uranium) known to be used in Iran.

You can probably extrapolate the rest of the Stuxnet saga for yourself if you aren’t familiar with it already.

Airgaps in a post-Stuxnet world

But what about data exfiltration across an airgap in a post-Stuxnet world, where the operators of airgapped networks have become much stricter about the “border controls” between the two sides of the network?

What covert channels could be used, even if they offered only the most modest data rates?